Module: Awspec::Helper::Finder::Iam

Included in:

Awspec::Helper::Finder

Defined in:

lib/awspec/helper/finder/iam.rb

Instance Method Summary

• #find_iam_group(id) ⇒ Object
• #find_iam_policy(id) ⇒ Object
• #find_iam_role(id) ⇒ Object
• #find_iam_user(id) ⇒ Object
• #select_all_attached_policies ⇒ Object
• #select_attached_entities(policy_id) ⇒ Object
• #select_attached_groups(policy_id) ⇒ Object
• #select_attached_roles(policy_id) ⇒ Object
• #select_attached_users(policy_id) ⇒ Object
• #select_iam_group_by_user_name(user_name) ⇒ Object
• #select_iam_policy_by_group_name(group_name) ⇒ Object
• #select_iam_policy_by_role_name(role_name) ⇒ Object
• #select_iam_policy_by_user_name(user_name) ⇒ Object

Instance Method Details

#find_iam_group(id) ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 18

def find_iam_group(id)
  selected = []
  res = @iam_client.list_groups

  loop do
    selected += res.groups.select do |g|
      g.group_name == id || g.group_id == id || g.arn == id
    end
    (res.next_page? && res = res.next_page) || break
  end

  selected.first if selected.count == 1
end

#find_iam_policy(id) ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 46

def find_iam_policy(id)
  selected = []
  res = @iam_client.list_policies

  loop do
    selected += res.policies.select do |p|
      p.policy_name == id || p.policy_id == id || p.arn == id
    end
    (res.next_page? && res = res.next_page) || break
  end

  selected.first if selected.count == 1
end

#find_iam_role(id) ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 32

def find_iam_role(id)
  selected = []
  res = @iam_client.list_roles

  loop do
    selected += res.roles.select do |r|
      r.role_name == id || r.role_id == id || r.arn == id
    end
    (res.next_page? && res = res.next_page) || break
  end

  selected.first if selected.count == 1
end

#find_iam_user(id) ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 4

def find_iam_user(id)
  selected = []
  res = @iam_client.list_users

  loop do
    selected += res.users.select do |u|
      u.user_name == id || u.user_id == id || u.arn == id
    end
    (res.next_page? && res = res.next_page) || break
  end

  selected.first if selected.count == 1
end

#select_all_attached_policies ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 88

def select_all_attached_policies
  selected = []
  res = @iam_client.list_policies

  loop do
    selected += res.policies.select { |p| p.attachment_count > 0 }
    (res.next_page? && res = res.next_page) || break
  end

  selected
end

#select_attached_entities(policy_id) ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 100

def select_attached_entities(policy_id)
  policy = find_iam_policy(policy_id)
  @iam_client.list_entities_for_policy(policy_arn: policy[:arn])
end

#select_attached_groups(policy_id) ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 110

def select_attached_groups(policy_id)
  entities = select_attached_entities(policy_id)
  entities.policy_groups
end

#select_attached_roles(policy_id) ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 115

def select_attached_roles(policy_id)
  entities = select_attached_entities(policy_id)
  entities.policy_roles
end

#select_attached_users(policy_id) ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 105

def select_attached_users(policy_id)
  entities = select_attached_entities(policy_id)
  entities.policy_users
end

#select_iam_group_by_user_name(user_name) ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 60

def select_iam_group_by_user_name(user_name)
  res = @iam_client.list_groups_for_user({
                                           user_name: user_name
                                         })
  res.groups
end

#select_iam_policy_by_group_name(group_name) ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 74

def select_iam_policy_by_group_name(group_name)
  res = @iam_client.list_attached_group_policies({
                                                   group_name: group_name
                                                 })
  res.attached_policies
end

#select_iam_policy_by_role_name(role_name) ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 81

def select_iam_policy_by_role_name(role_name)
  res = @iam_client.list_attached_role_policies({
                                                  role_name: role_name
                                                })
  res.attached_policies
end

#select_iam_policy_by_user_name(user_name) ⇒ Object

# File 'lib/awspec/helper/finder/iam.rb', line 67

def select_iam_policy_by_user_name(user_name)
  res = @iam_client.list_attached_user_policies({
                                                  user_name: user_name
                                                })
  res.attached_policies
end