Class: IAM::AssumeRoleStatement

Inherits:

Object

• Object
• IAM::AssumeRoleStatement

Defined in:

lib/w-stdlib/aws.rb

Instance Method Summary

• #allow? ⇒ Boolean
• #applies_to_principal?(arn) ⇒ Boolean
• #assume_role? ⇒ Boolean
• #deny? ⇒ Boolean
• #initialize(s) ⇒ AssumeRoleStatement constructor

  A new instance of AssumeRoleStatement.

Constructor Details

#initialize(s) ⇒ AssumeRoleStatement

Returns a new instance of AssumeRoleStatement.

# File 'lib/w-stdlib/aws.rb', line 13

def initialize(s)
  @effect = s['Effect']
  @action = s['Action']
  @principal = s['Principal'].map_vals(&:lift_array) # principals can be string or string[]
end

Instance Method Details

#allow? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/w-stdlib/aws.rb', line 19

def allow?
  @effect.downcase == 'allow'
end

#applies_to_principal?(arn) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/w-stdlib/aws.rb', line 31

def applies_to_principal?(arn)
  @principal.fetch('AWS', []).any? { Glob.new(_1).match? arn }
end

#assume_role? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/w-stdlib/aws.rb', line 27

def assume_role?
  @action.include? 'sts:AssumeRole'
end

#deny? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/w-stdlib/aws.rb', line 23

def deny?
  @effect.downcase == 'deny'
end