Class: S3Secure::Policy::Unforce
- Inherits:
-
Base
- Object
- AbstractBase
- Base
- S3Secure::Policy::Unforce
- Defined in:
- lib/s3_secure/policy/unforce.rb
Instance Method Summary collapse
-
#initialize(options = {}) ⇒ Unforce
constructor
A new instance of Unforce.
- #run ⇒ Object
Methods inherited from AbstractBase
Methods included from AwsServices
#new_s3_regional_client, #s3_client, #s3_regional_client
Constructor Details
#initialize(options = {}) ⇒ Unforce
Returns a new instance of Unforce.
3 4 5 6 |
# File 'lib/s3_secure/policy/unforce.rb', line 3 def initialize(={}) super @sid = [:sid] end |
Instance Method Details
#run ⇒ Object
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 |
# File 'lib/s3_secure/policy/unforce.rb', line 8 def run @s3 = s3_regional_client(@bucket) list = S3Secure::Policy::List.new(@options) list.set_s3(@s3) bucket_policy = list.get_policy(@bucket) document = Document.new(@bucket, bucket_policy, remove: true) if document.has?(@sid) # Set encryption rules # Ruby docs: https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/S3/Client.html#put_bucket_policy-instance_method # API docs: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ServerSideEncryptionByDefault.html # # put_bucket_policy returns #<struct Aws::EmptyStructure> # policy_document = document.policy_document(@sid) if policy_document @s3.put_bucket_policy( bucket: @bucket, policy: policy_document, ) else @s3.delete_bucket_policy(bucket: @bucket) end puts "Remove bucket policy statement from bucket #{@bucket}:" puts policy_document if policy_document else puts "Bucket policy for #{@bucket} does not have ForceSSLOnlyAccess policy statement. Nothing to be done." end end |