Module: OpsWorks::CLI::Subcommands::IAM

Included in:
Agent
Defined in:
lib/opsworks/cli/subcommands/iam.rb

Class Method Summary collapse

Class Method Details

.included(thor) ⇒ Object

rubocop:disable MethodLength rubocop:disable CyclomaticComplexity



9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
 
# File 'lib/opsworks/cli/subcommands/iam.rb', line 9

def self.included(thor)
  thor.class_eval do
    desc 'iam:allow USER [--stack STACK]',
         'Allow an IAM user on a stack'
    option :stack, type: :array
    option :ssh, type: :boolean, default: true
    option :sudo, type: :boolean, default: true
    define_method 'iam:allow' do |user|
      fetch_credentials unless env_credentials?
      stacks = parse_stacks(options.merge(active: true))
      stacks.each do |stack|
        permission = stack.find_permission_by_user(user)
        next unless permission
        say "Updating permissions on #{stack.name}..."
        permission.update(ssh: options[:ssh], sudo: options[:sudo])
      end
    end

    desc 'iam:lockdown [--stack STACK]', 'Remove all stack permissions'
    option :stack, type: :array
    define_method 'iam:lockdown' do
      fetch_credentials unless env_credentials?
      stacks = parse_stacks(options.merge(active: true))
      stacks.each do |stack|
        say "Locking down #{stack.name}..."
        stack.permissions.each do |permission|
          permission.update(ssh: false, sudo: false)
        end
      end
    end
  end
end