Class: IAM::AssumeRolePolicyDocument

Inherits:

Object

• Object
• IAM::AssumeRolePolicyDocument

Defined in:

lib/w-stdlib/aws.rb

Class Method Summary

• .from_role(role) ⇒ Object

  initializes from a hash of params.

Instance Method Summary

• #can_assume?(arn) ⇒ Boolean
• #initialize(doc) ⇒ AssumeRolePolicyDocument constructor

  A new instance of AssumeRolePolicyDocument.

Constructor Details

#initialize(doc) ⇒ AssumeRolePolicyDocument

Returns a new instance of AssumeRolePolicyDocument.

# File 'lib/w-stdlib/aws.rb', line 37

def initialize(doc)
  @doc = doc
  @statements = doc['Statement'].map { AssumeRoleStatement.new _1 }
end

Class Method Details

.from_role(role) ⇒ Object

initializes from a hash of params. it supports docs as url encoded json strings, like the aws api returns or docs that are nested hashes and arrays

# File 'lib/w-stdlib/aws.rb', line 45

def self.from_role(role)
  doc = role[:assume_role_policy_document]
  doc = role["AssumeRolePolicyDocument"] unless doc
  raise 'invalid role' unless doc

  doc = doc.url_decode.from_json if doc.is_a? String

  self.new doc
end

Instance Method Details

#can_assume?(arn) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/w-stdlib/aws.rb', line 55

def can_assume?(arn)
  return false if explicitly_denied? arn
  return true if explicitly_allowed? arn
  false
end