Class: Policies
- Inherits:
-
Object
- Object
- Policies
- Defined in:
- ext/policies.rb
Instance Method Summary collapse
- #create_policies(policies) ⇒ Object
- #get_policies(group = nil) ⇒ Object
-
#gsub_yml(resource) ⇒ Object
replaces %variables in the yml.
-
#initialize ⇒ Policies
constructor
A new instance of Policies.
Constructor Details
#initialize ⇒ Policies
Returns a new instance of Policies.
18 19 20 21 22 |
# File 'ext/policies.rb', line 18 def initialize @policy_array = Array.new @config = Configs.all @policies = (@config.key?('custom_policies') ? Configs.managed_policies.merge(@config['custom_policies']) : Configs.managed_policies) end |
Instance Method Details
#create_policies(policies) ⇒ Object
30 31 32 33 34 35 36 37 |
# File 'ext/policies.rb', line 30 def create_policies(policies) policies.each do |policy| raise "ERROR: #{policy} policy doesn't exist in the managed policies or as a custom policy" unless @policies.key?(policy) resource = (@policies[policy].key?('resource') ? gsub_yml(@policies[policy]['resource']) : ["*"]) @policy_array << { PolicyName: policy, PolicyDocument: { Statement: [ { Effect:"Allow", Action: @policies[policy]['action'], Resource: resource }]} } end return @policy_array end |
#get_policies(group = nil) ⇒ Object
24 25 26 27 28 |
# File 'ext/policies.rb', line 24 def get_policies(group = nil) create_policies(@config['default_policies']) if @config.key?('default_policies') create_policies(@config['group_policies'][group]) unless group.nil? return @policy_array end |
#gsub_yml(resource) ⇒ Object
replaces %variables in the yml
40 41 42 43 44 45 46 47 48 49 50 51 |
# File 'ext/policies.rb', line 40 def gsub_yml(resource) replaced = [] resource.each { |r| if r.is_a? String replaced << r.gsub('%{source_bucket}', @config['source_bucket']) else replaced << r end } return replaced end |