Class: Policies

Inherits:
Object
  • Object
Defined in:
ext/policies.rb

Instance Method Summary

Constructor Details

#initialize ⇒ Policies

Returns a new instance of Policies.



# File 'ext/policies.rb', line 18

# Loads the configuration and builds the lookup table of known policies.
#
# @policy_array starts empty and is appended to by create_policies.
# @config holds whatever Configs.all returns.
# @policies is Configs.managed_policies, merged with the 'custom_policies'
# section of the config when that key is present.
#
# NOTE(review): the custom section is the argument to merge, so (assuming
# both sides are plain Hashes) a custom policy that reuses a managed policy's
# name replaces the managed definition without any warning. Confirm that this
# precedence is intended and that custom policy names are reviewed.
def initialize
  @policy_array = []
  @config = Configs.all
  managed = Configs.managed_policies
  @policies =
    if @config.key?('custom_policies')
      managed.merge(@config['custom_policies'])
    else
      managed
    end
end

Instance Method Details

#create_policies(policies) ⇒ Object



# File 'ext/policies.rb', line 30

# Appends one inline policy document per requested policy name.
#
# Each entry has the shape
#   { PolicyName: name, PolicyDocument: { Statement: [ { Effect:, Action:, Resource: } ] } }
# with Effect always "Allow".
#
# Least-privilege caveat: a definition without a 'resource' key is emitted
# with Resource ["*"], i.e. the statement is not scoped to any resource.
# Definitions that are meant to be scoped must declare 'resource' explicitly.
# The 'action' value is copied through as-is and is not validated here.
#
# @param policies [Enumerable<String>] names to look up in @policies
# @return [Array<Hash>] @policy_array itself (the shared accumulator, not a
#   copy), including entries appended by earlier calls
# @raise [RuntimeError] if a name is neither a managed nor a custom policy
def create_policies(policies)
  policies.each do |policy|
    unless @policies.key?(policy)
      raise "ERROR: #{policy} policy doesn't exist in the managed policies or as a custom policy"
    end

    definition = @policies[policy]
    # Only definitions that declare a resource list get placeholder expansion;
    # everything else falls back to the wildcard.
    resource = definition.key?('resource') ? gsub_yml(definition['resource']) : ["*"]
    statement = { Effect: "Allow", Action: definition['action'], Resource: resource }
    @policy_array << { PolicyName: policy, PolicyDocument: { Statement: [statement] } }
  end
  @policy_array
end

#get_policies(group = nil) ⇒ Object



# File 'ext/policies.rb', line 24

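# Builds the policy list for an optional group: the 'default_policies' from
# the config first, then the entries listed for +group+ under
# 'group_policies'.
#
# Both config sections are treated as optional. A missing or empty
# 'group_policies' section, or a group with no entry in it, contributes no
# group-specific policies instead of failing with NoMethodError on nil; the
# caller then receives only the defaults, which is the more restrictive
# outcome.
#
# NOTE(review): @policy_array is not reset here, so calling this more than
# once on the same instance also returns the policies appended by earlier
# calls (including those of a different group). Confirm that callers use a
# fresh Policies instance per group.
#
# @param group [String, nil] key into the 'group_policies' config section
# @return [Array<Hash>] @policy_array, the shared accumulator
# @raise [RuntimeError] from create_policies when a listed name is unknown
def get_policies(group = nil)
  default_names = @config['default_policies']
  create_policies(default_names) unless default_names.nil?

  unless group.nil?
    # An absent section or unknown group yields nil rather than raising.
    group_names = (@config['group_policies'] || {})[group]
    create_policies(group_names) unless group_names.nil?
  end

  @policy_array
end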

#gsub_yml(resource) ⇒ Object

Replaces %{...} variables in the YAML resource list (currently only %{source_bucket}).



# File 'ext/policies.rb', line 40

# Expands the %{source_bucket} placeholder in a policy's resource list.
#
# String entries have every occurrence of the literal text '%{source_bucket}'
# replaced with @config['source_bucket']; entries of any other type are
# passed through unchanged. No other placeholder is recognised.
#
# @param resource [Enumerable] resource entries from a policy definition
# @return [Array] a new array with the same entries, placeholders expanded
def gsub_yml(resource)
  resource.map do |entry|
    next entry unless entry.is_a?(String)

    entry.gsub('%{source_bucket}', @config['source_bucket'])
  end
end