Class: Ufo::IamRole::Builder
- Inherits:
-
Object
- Object
- Ufo::IamRole::Builder
- Defined in:
- lib/ufo/iam_role/builder.rb
Instance Method Summary collapse
- #build ⇒ Object
- #build? ⇒ Boolean
-
#initialize(role_type) ⇒ Builder
constructor
A new instance of Builder.
- #managed_policy_arns ⇒ Object
- #policies ⇒ Object
- #resource(policies, managed_policy_arns) ⇒ Object
Constructor Details
#initialize(role_type) ⇒ Builder
Returns a new instance of Builder.
3 4 5 |
# File 'lib/ufo/iam_role/builder.rb', line 3 def initialize(role_type) @role_type = role_type end |
Instance Method Details
#build ⇒ Object
7 8 9 |
# File 'lib/ufo/iam_role/builder.rb', line 7 def build resource(policies, managed_policy_arns) end |
#build? ⇒ Boolean
11 12 13 |
# File 'lib/ufo/iam_role/builder.rb', line 11 def build? !!(policies || managed_policy_arns) end |
#managed_policy_arns ⇒ Object
31 32 33 34 35 36 37 38 |
# File 'lib/ufo/iam_role/builder.rb', line 31 def managed_policy_arns items = Registry.managed_policies[@role_type] # Array of Arrays return unless items && !items.empty? items.map do |item| item.include?('iam::aws:policy') ? item : "arn:aws:iam::aws:policy/#{item}" end end |
#policies ⇒ Object
15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 |
# File 'lib/ufo/iam_role/builder.rb', line 15 def policies items = Registry.policies[@role_type] # Array of Arrays return unless items && !items.empty? items.map do |item| policy_name, statements = item # first element has policy name, second element has statements { PolicyName: policy_name, PolicyDocument: { Version: "2012-10-17", Statement: statements } } end end |
#resource(policies, managed_policy_arns) ⇒ Object
40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
# File 'lib/ufo/iam_role/builder.rb', line 40 def resource(policies, managed_policy_arns) properties = { AssumeRolePolicyDocument: { Version: "2012-10-17", Statement: [ { Effect: "Allow", Principal: { Service: "ecs-tasks.amazonaws.com" }, Action: "sts:AssumeRole" } ] }, } properties[:Policies] = policies if policies properties[:ManagedPolicyArns] = managed_policy_arns if managed_policy_arns attrs = { Type: "AWS::IAM::Role", Properties: properties } attrs.deep_stringify_keys end |