Merge pull request #60 from fcheung/iam_attach_policy
Support for IAM managed policies
geemus committed Feb 23, 2015
2 parents 007105c + 31aa4a0 commit 072a3e9
Showing 16 changed files with 529 additions and 0 deletions.
9 changes: 9 additions & 0 deletions lib/fog/aws/iam.rb
Expand Up @@ -17,11 +17,15 @@ class ValidationError < Fog::AWS::IAM::Error; end
request_path 'fog/aws/requests/iam'
request :add_user_to_group
request :add_role_to_instance_profile
request :attach_group_policy
request :attach_role_policy
request :attach_user_policy
request :create_access_key
request :create_account_alias
request :create_group
request :create_instance_profile
request :create_login_profile
request :create_policy
request :create_role
request :create_user
request :delete_access_key
Expand All @@ -31,12 +35,16 @@ class ValidationError < Fog::AWS::IAM::Error; end
request :delete_group_policy
request :delete_instance_profile
request :delete_login_profile
request :delete_policy
request :delete_role
request :delete_role_policy
request :delete_server_certificate
request :delete_signing_certificate
request :delete_user
request :delete_user_policy
request :detach_group_policy
request :detach_role_policy
request :detach_user_policy
request :get_account_summary
request :get_account_password_policy
request :get_group
Expand All @@ -56,6 +64,7 @@ class ValidationError < Fog::AWS::IAM::Error; end
request :list_instance_profiles
request :list_instance_profiles_for_role
request :list_mfa_devices
request :list_policies
request :list_roles
request :list_role_policies
request :list_server_certificates
Binary file added lib/fog/aws/parsers/.DS_Store
Binary file not shown.
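--- a/lib/fog/aws/parsers/iam/list_managed_policies.rb
+++ b/lib/fog/aws/parsers/iam/list_managed_policies.rb
@@ -0,0 +1,29 @@
+module Fog
+module Parsers
+module AWS
+module IAM
+require 'fog/aws/parsers/iam/policy_parser'
+class ListManagedPolicies < Fog::Parsers::AWS::IAM::PolicyParser
+def reset
+super
+@response = { 'Policies' => [] , 'Marker' => '', 'IsTruncated' => false}
+end
+
+def finished_policy(policy)
+@response['Policies'] << policy
+end
+
+def end_element(name)
+case name
+when 'RequestId', 'Marker'
+@response[name] = value
+when 'IsTruncated'
+@response[name] = (value == 'true')
+end
+super
+end
+end
+end
+end
+end
+end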
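--- a/lib/fog/aws/parsers/iam/policy_parser.rb
+++ b/lib/fog/aws/parsers/iam/policy_parser.rb
@@ -0,0 +1,57 @@
+module Fog
+module Parsers
+module AWS
+module IAM
+class PolicyParser < Fog::Parsers::Base
+def reset
+@policy = fresh_policy
+@stack = []
+end
+
+def start_element(name,attrs = [])
+case name
+when 'Policies'
+@stack << name
+when 'Policy'
+@role =fresh_policy
+when 'member'
+if @stack.last == 'Policies'
+@role = fresh_policy
+end
+end
+super
+end
+
+def fresh_policy
+{'AttachmentCount' => 0, 'Description' => ''}
+end
+
+def end_element(name)
+case name
+when 'Arn', 'DefaultVersionId', 'Description', 'Path', 'PolicyName', 'PolicyId'
+@policy[name] = value
+when 'CreateDate', 'UpdateDate'
+@policy[name] = Time.parse(value)
+when 'IsAttachable'
+@policy[name] = (value == 'true')
+when 'AttachmentCount'
+@policy[name] = value.to_i
+when 'Policy'
+finished_policy(@policy)
+@policy = nil
+when 'Policies'
+if @stack.last == 'Policies'
+@stack.pop
+end
+when 'member'
+if @stack.last == 'Policies'
+finished_policy(@policy)
+@policy = nil
+end
+end
+end
+end
+end
+end
+end
+end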
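Review bot: In `start_element`, both the `'Policy'` branch and the `'member'` branch assign the fresh hash to `@role`, while `end_element` writes every field to `@policy` and then sets `@policy = nil`. On a response carrying more than one policy, the second element's fields would be written to `nil` and raise NoMethodError, so a listing of managed policies fails after the first entry instead of returning the full set. Both assignments should read `@policy = fresh_policy`. `Time.parse` is also used with no `require 'time'` visible in this file; it is presumably loaded elsewhere, but that is worth confirming.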
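--- a/lib/fog/aws/parsers/iam/single_policy.rb
+++ b/lib/fog/aws/parsers/iam/single_policy.rb
@@ -0,0 +1,27 @@
+module Fog
+module Parsers
+module AWS
+module IAM
+require 'fog/aws/parsers/iam/policy_parser'
+class SinglePolicy < Fog::Parsers::AWS::IAM::PolicyParser
+def reset
+super
+@response = { 'Policy' => {} }
+end
+
+def finished_policy(policy)
+@response['Policy'] = policy
+end
+
+def end_element(name)
+case name
+when 'RequestId'
+@response[name] = value
+end
+super
+end
+end
+end
+end
+end
+end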
Binary file added lib/fog/aws/requests/.DS_Store
Binary file not shown.
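--- a/lib/fog/aws/requests/iam/attach_group_policy.rb
+++ b/lib/fog/aws/requests/iam/attach_group_policy.rb
@@ -0,0 +1,32 @@
+module Fog
+module AWS
+class IAM
+class Real
+require 'fog/aws/parsers/iam/basic'
+
+# Attaches a managed policy to a group
+#
+# ==== Parameters
+# * group_name<~String>: name of the group
+# * policy_arn<~String>: arn of the managed policy
+#
+# ==== Returns
+# * response<~Excon::Response>:
+# * body<~Hash>:
+# * 'RequestId'<~String> - Id of the request
+#
+# ==== See Also
+# http://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachGroupPolicy.html
+#
+def attach_group_policy(group_name, policy_arn)
+request(
+'Action' => 'AttachGroupPolicy',
+'GroupName' => group_name,
+'PolicyArn' => policy_arn,
+:parser => Fog::Parsers::AWS::IAM::Basic.new
+)
+end
+end
+end
+end
+end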
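Review bot: This file defines `attach_group_policy` only under `class Real`; the section has no `class Mock` counterpart, and the same holds for attach_role_policy.rb, attach_user_policy.rb, create_policy.rb, delete_policy.rb and detach_group_policy.rb as shown on this page. Unless mocks are added in a part of the commit not visible here, code that changes which principals hold which permissions cannot be exercised under `Fog.mock!`, so tests of attach/detach logic would need live credentials. Consider adding a Mock implementation that records the attachment, or a comment in each file stating that mocking is not yet supported.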
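--- a/lib/fog/aws/requests/iam/attach_role_policy.rb
+++ b/lib/fog/aws/requests/iam/attach_role_policy.rb
@@ -0,0 +1,32 @@
+module Fog
+module AWS
+class IAM
+class Real
+require 'fog/aws/parsers/iam/basic'
+
+# Attaches a managed policy to a role
+#
+# ==== Parameters
+# * role_name<~String>: name of the role
+# * policy_arn<~String>: arn of the managed policy
+#
+# ==== Returns
+# * response<~Excon::Response>:
+# * body<~Hash>:
+# * 'RequestId'<~String> - Id of the request
+#
+# ==== See Also
+# http://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachRolePolicy.html
+#
+def attach_role_policy(role_name, policy_arn)
+request(
+'Action' => 'AttachRolePolicy',
+'RoleName' => role_name,
+'PolicyArn' => policy_arn,
+:parser => Fog::Parsers::AWS::IAM::Basic.new
+)
+end
+end
+end
+end
+end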
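--- a/lib/fog/aws/requests/iam/attach_user_policy.rb
+++ b/lib/fog/aws/requests/iam/attach_user_policy.rb
@@ -0,0 +1,32 @@
+module Fog
+module AWS
+class IAM
+class Real
+require 'fog/aws/parsers/iam/basic'
+
+# Attaches a managed policy to a user
+#
+# ==== Parameters
+# * user_name<~String>: name of the user
+# * policy_arn<~String>: arn of the managed policy
+#
+# ==== Returns
+# * response<~Excon::Response>:
+# * body<~Hash>:
+# * 'RequestId'<~String> - Id of the request
+#
+# ==== See Also
+# http://docs.aws.amazon.com/IAM/latest/APIReference/API_AttachUserPolicy.html
+#
+def attach_user_policy(user_name, policy_arn)
+request(
+'Action' => 'AttachUserPolicy',
+'UserName' => user_name,
+'PolicyArn' => policy_arn,
+:parser => Fog::Parsers::AWS::IAM::Basic.new
+)
+end
+end
+end
+end
+end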
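--- a/lib/fog/aws/requests/iam/create_policy.rb
+++ b/lib/fog/aws/requests/iam/create_policy.rb
@@ -0,0 +1,47 @@
+module Fog
+module AWS
+class IAM
+class Real
+require 'fog/aws/parsers/iam/single_policy'
+
+# Creates a managed policy
+#
+# ==== Parameters
+# * policy_name<~String>: name of policy document
+# * policy_document<~Hash>: policy document, see: http://docs.amazonwebservices.com/IAM/latest/UserGuide/PoliciesOverview.html
+# * path <~String>: path of the policy
+# * description <~String>: description for the policy
+# ==== Returns
+# * response<~Excon::Response>:
+# * body<~Hash>:
+# * 'RequestId'<~String> - Id of the request
+# * 'Policy'<~Hash>:
+# * Arn
+# * AttachmentCount
+# * CreateDate
+# * DefaultVersionId
+# * Description
+# * IsAttachable
+# * Path
+# * PolicyId
+# * PolicyName
+# * UpdateDate
+# ==== See Also
+# http://docs.aws.amazon.com/IAM/latest/APIReference/API_CreatePolicy.html
+#
+def create_policy(policy_name, policy_document, path=nil, description=nil)
+request({
+'Action' => 'CreatePolicy',
+'PolicyName' => policy_name,
+'PolicyDocument' => Fog::JSON.encode(policy_document),
+'Path' => path,
+'Description' => description,
+:parser => Fog::Parsers::AWS::IAM::SinglePolicy.new
+}.reject {|_, value| value.nil?})
+end
+end
+
+
+end
+end
+end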
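Review bot: The docstring does not say that `path` and `description` are optional, although both default to nil and are dropped from the request by the `reject` call, and it describes `policy_name` as "name of policy document" where it is the name of the managed policy. Suggested wording: `# * policy_name<~String>: name of the managed policy` and `# * path<~String>: optional path of the policy, omitted from the request when nil`, with the same form for description. It would also help to state that `policy_document` is JSON-encoded exactly as given, with no validation in this method, so an over-broad document reaches IAM unchanged.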
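--- a/lib/fog/aws/requests/iam/delete_policy.rb
+++ b/lib/fog/aws/requests/iam/delete_policy.rb
@@ -0,0 +1,30 @@
+module Fog
+module AWS
+class IAM
+class Real
+require 'fog/aws/parsers/iam/basic'
+
+# Deletes a manged policy
+#
+# ==== Parameters
+# * policy_arn<~String>: arn of the policy
+#
+# ==== Returns
+# * response<~Excon::Response>:
+# * body<~Hash>:
+# * 'RequestId'<~String> - Id of the request
+#
+# ==== See Also
+# http://docs.aws.amazon.com/IAM/latest/APIReference/API_DeletePolicy.html
+#
+def delete_policy(policy_arn)
+request(
+'Action' => 'DeletePolicy',
+'PolicyArn' => policy_arn,
+:parser => Fog::Parsers::AWS::IAM::Basic.new
+)
+end
+end
+end
+end
+end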
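Review bot: The header comment reads "Deletes a manged policy"; it should be `# Deletes a managed policy`. The docstring could also note that IAM rejects the call while the policy is still attached to a user, group or role, so callers need to detach it first (see the linked API reference).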
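--- a/lib/fog/aws/requests/iam/detach_group_policy.rb
+++ b/lib/fog/aws/requests/iam/detach_group_policy.rb
@@ -0,0 +1,32 @@
+module Fog
+module AWS
+class IAM
+class Real
+require 'fog/aws/parsers/iam/basic'
+
+# Detaches a managed policy from a group
+#
+# ==== Parameters
+# * group_name<~String>: name of the group
+# * policy_arn<~String>: arn of the managed policy
+#
+# ==== Returns
+# * response<~Excon::Response>:
+# * body<~Hash>:
+# * 'RequestId'<~String> - Id of the request
+#
+# ==== See Also
+# http://docs.aws.amazon.com/IAM/latest/APIReference/API_DetachGroupPolicy.html
+#
+def detach_group_policy(group_name, policy_arn)
+request(
+'Action' => 'DetachGroupPolicy',
+'GroupName' => group_name,
+'PolicyArn' => policy_arn,
+:parser => Fog::Parsers::AWS::IAM::Basic.new
+)
+end
+end
+end
+end
+end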