Class: Drunker::Executor::IAM

Inherits:
Object
  • Object
show all
Defined in:
lib/drunker/executor/iam.rb

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(source:, artifact:, config:, logger:) ⇒ IAM

Returns a new instance of IAM.



6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
 
# File 'lib/drunker/executor/iam.rb', line 6

def initialize(source:, artifact:, config:, logger:)
  timestamp = Time.now.to_i
  client = Aws::IAM::Client.new(config.aws_client_options)
  iam = Aws::IAM::Resource.new(client: client)

  @role = iam.create_role(
      role_name: "drunker-codebuild-servie-role-#{timestamp}",
      assume_role_policy_document: role_json,
  )
  logger.info("Created IAM role: #{role.name}")
  @policy = iam.create_policy(
      policy_name: "drunker-codebuild-service-policy-#{timestamp}",
      policy_document: policy_json(source: source, artifact: artifact)
  )
  logger.info("Created IAM policy: #{policy.policy_name}")
  role.attach_policy(policy_arn: policy.arn)
  logger.debug("Attached #{policy.policy_name} to #{role.name}")
  @logger = logger
end

Instance Attribute Details

#roleObject (readonly)

Returns the value of attribute role.



4
5
6
 
# File 'lib/drunker/executor/iam.rb', line 4

def role
  @role
end

Instance Method Details

#deleteObject 



26
27
28
29
30
31
32
33
 
# File 'lib/drunker/executor/iam.rb', line 26

def delete
  role.detach_policy(policy_arn: policy.arn)
  logger.debug("Detached #{policy.policy_name} from #{role.name}")
  policy.delete
  logger.info("Deleted IAM policy: #{policy.policy_name}")
  role.delete
  logger.info("Deleted IAM role: #{role.name}")
end