Module: Awspec::Helper::Finder::Iam

Included in:
Awspec::Helper::Finder
Defined in:
lib/awspec/helper/finder/iam.rb

Instance Method Summary

Instance Method Details

#select_all_attached_policies ⇒ Object



# File 'lib/awspec/helper/finder/iam.rb', line 83

# Collects every IAM policy that is attached to at least one entity.
#
# list_policies is first called with no parameters, so each policy the call
# returns is inspected and the attachment filter is applied on the client.
# Further pages are requested with the previous response's marker for as long
# as the response reports is_truncated.
#
# @return [Array] policies whose attachment_count is greater than zero,
#   in the order the pages returned them
def select_all_attached_policies
  attached = []
  page = iam_client.list_policies

  loop do
    attached.concat(page.policies.select { |policy| policy.attachment_count.positive? })
    # A page that is not truncated is the last one.
    return attached unless page.is_truncated

    page = iam_client.list_policies(marker: page.marker)
  end
end

#select_all_iam_groups ⇒ Object



# File 'lib/awspec/helper/finder/iam.rb', line 125

# Lists IAM groups by enumerating the list_groups result and joining the
# groups entry of each element it yields.
#
# @return [Array] the flattened groups entries, in the order they were yielded
def select_all_iam_groups
  pages = iam_client.list_groups
  pages.map(&:groups).flatten
end

#select_all_iam_roles ⇒ Object



# File 'lib/awspec/helper/finder/iam.rb', line 131

# Lists IAM roles by enumerating the list_roles result and joining the
# roles entry of each element it yields.
#
# @return [Array] the flattened roles entries, in the order they were yielded
def select_all_iam_roles
  pages = iam_client.list_roles
  pages.map(&:roles).flatten
end

#select_all_iam_users ⇒ Object



# File 'lib/awspec/helper/finder/iam.rb', line 119

# Lists IAM users by enumerating the list_users result and joining the
# users entry of each element it yields.
#
# @return [Array] the flattened users entries, in the order they were yielded
def select_all_iam_users
  pages = iam_client.list_users
  pages.map(&:users).flatten
end

#select_attached_entities(policy_id) ⇒ Object



# File 'lib/awspec/helper/finder/iam.rb', line 99

# Looks a policy up with find_iam_policy and asks IAM which entities it is
# attached to.
#
# The raw list_entities_for_policy response is returned unchanged.
# NOTE(review): find_iam_policy's result is indexed with [:arn] without a
# presence check; what it returns for an unknown policy_id is not visible
# here, so confirm a missing policy fails with a useful error.
#
# @param policy_id [Object] identifier handed to find_iam_policy
# @return [Object] the list_entities_for_policy response
def select_attached_entities(policy_id)
  arn = find_iam_policy(policy_id)[:arn]
  iam_client.list_entities_for_policy(policy_arn: arn)
end

#select_attached_groups(policy_id) ⇒ Object



# File 'lib/awspec/helper/finder/iam.rb', line 109

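# Returns the groups a policy is attached to, gathered from every page of the
# entity listing.
#
# Reading policy_groups off the response alone covers only the page that was
# returned. A policy attached to more groups than fit on one page would then
# look less widely attached than it is, so a spec asserting that the policy
# is NOT attached to some group could pass wrongly. This assumes the response
# enumerates its pages, as the list_groups response does in
# select_all_iam_groups.
#
# @param policy_id [Object] identifier handed to select_attached_entities
# @return [Array] policy_groups entries of every page, in page order
def select_attached_groups(policy_id)
  select_attached_entities(policy_id).flat_map(&:policy_groups)
end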

#select_attached_roles(policy_id) ⇒ Object



# File 'lib/awspec/helper/finder/iam.rb', line 114

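# Returns the roles a policy is attached to, gathered from every page of the
# entity listing.
#
# Reading policy_roles off the response alone covers only the page that was
# returned. A policy attached to more roles than fit on one page would then
# look less widely attached than it is, so a spec asserting that the policy
# is NOT attached to some role could pass wrongly. This assumes the response
# enumerates its pages, as the list_roles response does in
# select_all_iam_roles.
#
# @param policy_id [Object] identifier handed to select_attached_entities
# @return [Array] policy_roles entries of every page, in page order
def select_attached_roles(policy_id)
  select_attached_entities(policy_id).flat_map(&:policy_roles)
end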

#select_attached_users(policy_id) ⇒ Object



# File 'lib/awspec/helper/finder/iam.rb', line 104

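# Returns the users a policy is attached to, gathered from every page of the
# entity listing.
#
# Reading policy_users off the response alone covers only the page that was
# returned. A policy attached to more users than fit on one page would then
# look less widely attached than it is, so a spec asserting that the policy
# is NOT attached to some user could pass wrongly. This assumes the response
# enumerates its pages, as the list_users response does in
# select_all_iam_users.
#
# @param policy_id [Object] identifier handed to select_attached_entities
# @return [Array] policy_users entries of every page, in page order
def select_attached_users(policy_id)
  select_attached_entities(policy_id).flat_map(&:policy_users)
end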

#select_iam_group_by_user_name(user_name) ⇒ Object



# File 'lib/awspec/helper/finder/iam.rb', line 58

# Returns the groups reported by list_groups_for_user for one user.
#
# NOTE(review): only the groups field of this single response is read; if the
# listing can span several pages, later pages are not fetched here. Confirm
# that is acceptable for the group counts in use.
#
# @param user_name [String] user name sent as the user_name request parameter
# @return [Array] the groups entry of the response
def select_iam_group_by_user_name(user_name)
  iam_client.list_groups_for_user(user_name: user_name).groups
end

#select_policy_evaluation_results(policy_arn, action_name, resource_arn = nil, context_entries = nil) ⇒ Object



# File 'lib/awspec/helper/finder/iam.rb', line 46

# Runs simulate_principal_policy for one action and returns its
# evaluation_results.
#
# NOTE(review): despite its name, policy_arn is sent as policy_source_arn,
# presumably the ARN of the principal whose policies are simulated; confirm
# against callers.
# When resource_arn or context_entries is nil or false, that key is left out
# of the request, so whatever the service defaults to applies (for
# resource_arns this is believed to be all resources; confirm).
#
# @param policy_arn [String] value for the policy_source_arn parameter
# @param action_name [String] single action, sent as a one-element action_names list
# @param resource_arn [String, nil] optional resource, sent as a one-element resource_arns list
# @param context_entries [Array, nil] optional context entries, passed through unchanged
# @return [Object] the evaluation_results of the simulation response
def select_policy_evaluation_results(policy_arn, action_name, resource_arn = nil, context_entries = nil)
  request = { policy_source_arn: policy_arn, action_names: [action_name] }
  request[:resource_arns] = [resource_arn] if resource_arn
  request[:context_entries] = context_entries if context_entries

  iam_client.simulate_principal_policy(request).evaluation_results
end