Class: AwsIamPolicy
Defined Under Namespace
Classes: Backend
Constant Summary
# Criteria names that has_statement? is expected to accept, going by the
# constant's name. The validation helper that would consult this list is not
# shown on this page.
- EXPECTED_CRITERIA =
%w{
Action
Effect
Resource
Sid
}.freeze
# Policy elements listed as not implemented for has_statement? matching, going
# by the constant's name. How a caller passing one of them is handled is not
# shown on this page.
# Audit caveat: has_statement? compares Effect, Action and Resource only, so a
# statement that grants access through NotAction or NotResource, or that is
# narrowed by a condition block, is not described by its result.
# NOTE(review): the IAM policy element is spelled "Condition"; "Conditional"
# is what this list contains. Confirm which spelling callers are expected to pass.
- UNIMPLEMENTED_CRITERIA =
%w{
Conditional
NotAction
NotPrincipal
NotResource
Principal
}.freeze
Instance Attribute Summary collapse
Instance Method Summary
#exists?, included
#catch_aws_errors, #check_resource_param_names, #initialize, #inspec_runner
Instance Attribute Details
#arn ⇒ Object
Returns the value of attribute arn.
# File 'lib/resources/aws/aws_iam_policy.rb', line 17
# Reader for @arn. #policy passes this value as policy_arn when it requests
# the policy version document.
#
# @return [Object] the value of @arn; where it is assigned is not shown here
def arn
@arn
end
#attachment_count ⇒ Object
Returns the value of attribute attachment_count.
# File 'lib/resources/aws/aws_iam_policy.rb', line 17
# Reader for @attachment_count. #attached? treats a zero value as
# "not attached to anything".
#
# @return [Object] the value of @attachment_count; presumably an Integer,
#   since #attached? calls zero? on it (TODO confirm where it is assigned)
def attachment_count
@attachment_count
end
#default_version_id ⇒ Object
Returns the value of attribute default_version_id.
# File 'lib/resources/aws/aws_iam_policy.rb', line 17
# Reader for @default_version_id. #policy requests exactly this version_id, so
# every document check built on #policy describes the default version only;
# other stored versions of the policy are not read by the code shown here.
#
# @return [Object] the value of @default_version_id; where it is assigned is
#   not shown here
def default_version_id
@default_version_id
end
Instance Method Details
#attached? ⇒ Boolean
# File 'lib/resources/aws/aws_iam_policy.rb', line 38
# Reports whether the policy is attached to anything, judged solely by
# attachment_count being non-zero.
#
# NOTE(review): unlike #policy and #statement_count there is no exists? guard
# here, so a nil attachment_count would raise NoMethodError. Confirm what the
# constructor stores for a policy that was not found.
#
# @return [Boolean] false when attachment_count is zero, true otherwise
def attached?
  return false if attachment_count.zero?

  true
end
#attached_groups ⇒ Object
# File 'lib/resources/aws/aws_iam_policy.rb', line 48
# Returns @attached_groups, calling fetch_attached_entities once to populate it
# when the variable has not been defined yet.
#
# The cache test is defined?, not truthiness, so a nil stored by the fetch is
# kept and returned without a second lookup. The value therefore reflects the
# attachments at the time of the first call on this object.
#
# @return [Object] whatever fetch_attached_entities stored in @attached_groups;
#   presumably a list of group names, given how #attached_to_group? uses it
#   (TODO confirm against fetch_attached_entities)
def attached_groups
  fetch_attached_entities unless defined?(@attached_groups)
  @attached_groups
end
#attached_roles ⇒ Object
# File 'lib/resources/aws/aws_iam_policy.rb', line 54
# Returns @attached_roles, calling fetch_attached_entities once to populate it
# when the variable has not been defined yet.
#
# The cache test is defined?, not truthiness, so a nil stored by the fetch is
# kept and returned without a second lookup. The value therefore reflects the
# attachments at the time of the first call on this object.
#
# @return [Object] whatever fetch_attached_entities stored in @attached_roles;
#   presumably a list of role names, given how #attached_to_role? uses it
#   (TODO confirm against fetch_attached_entities)
def attached_roles
  fetch_attached_entities unless defined?(@attached_roles)
  @attached_roles
end
#attached_to_group?(group_name) ⇒ Boolean
# File 'lib/resources/aws/aws_iam_policy.rb', line 64
# Tests whether group_name is among the entries returned by #attached_groups.
#
# The match is whatever include? does on that collection, i.e. element
# equality; if the entries are Strings the name must match exactly.
# NOTE(review): raises NoMethodError if #attached_groups returns nil. Confirm
# the fetch always stores a collection.
#
# @param group_name [Object] the group identifier to look for
# @return [Boolean] result of include? on the attached groups
def attached_to_group?(group_name)
  groups = attached_groups
  groups.include?(group_name)
end
#attached_to_role?(role_name) ⇒ Boolean
# File 'lib/resources/aws/aws_iam_policy.rb', line 68
# Tests whether role_name is among the entries returned by #attached_roles.
#
# The match is whatever include? does on that collection, i.e. element
# equality; if the entries are Strings the name must match exactly.
# NOTE(review): raises NoMethodError if #attached_roles returns nil. Confirm
# the fetch always stores a collection.
#
# @param role_name [Object] the role identifier to look for
# @return [Boolean] result of include? on the attached roles
def attached_to_role?(role_name)
  roles = attached_roles
  roles.include?(role_name)
end
#attached_to_user?(user_name) ⇒ Boolean
# File 'lib/resources/aws/aws_iam_policy.rb', line 60
# Tests whether user_name is among the entries returned by #attached_users.
#
# The match is whatever include? does on that collection, i.e. element
# equality; if the entries are Strings the name must match exactly.
# NOTE(review): raises NoMethodError if #attached_users returns nil. Confirm
# the fetch always stores a collection.
#
# @param user_name [Object] the user identifier to look for
# @return [Boolean] result of include? on the attached users
def attached_to_user?(user_name)
  users = attached_users
  users.include?(user_name)
end
#attached_users ⇒ Object
# File 'lib/resources/aws/aws_iam_policy.rb', line 42
# Returns @attached_users, calling fetch_attached_entities once to populate it
# when the variable has not been defined yet.
#
# The cache test is defined?, not truthiness, so a nil stored by the fetch is
# kept and returned without a second lookup. The value therefore reflects the
# attachments at the time of the first call on this object.
#
# @return [Object] whatever fetch_attached_entities stored in @attached_users;
#   presumably a list of user names, given how #attached_to_user? uses it
#   (TODO confirm against fetch_attached_entities)
def attached_users
  fetch_attached_entities unless defined?(@attached_users)
  @attached_users
end
#has_statement?(raw_criteria = {}) ⇒ Boolean
# File 'lib/resources/aws/aws_iam_policy.rb', line 89
# Tests whether any statement of the policy satisfies the given criteria.
#
# The criteria are passed through has_statement__validate_criteria and
# has_statement__normalize_criteria, the statement list is narrowed by
# has_statement__focus_on_sid, and each remaining statement must pass the
# Effect, Action and Resource checks. The normalized statements are memoized
# in @normalized_statements.
#
# Audit caveats:
# * A policy that does not exist yields nil, which is falsy. A negated
#   expectation therefore cannot tell "no such statement" from "no such
#   policy"; assert existence separately.
# * Only Effect, Action and Resource are compared here (plus the Sid
#   narrowing). Elements named in UNIMPLEMENTED_CRITERIA, such as NotAction,
#   NotResource or a condition block, take no part in the match, so the
#   result does not describe the permissions a statement effectively grants.
#
# @param raw_criteria [Hash] criteria as supplied by the caller
# @return [Boolean, nil] true when a statement matches, false when none does,
#   nil when the policy does not exist
def has_statement?(raw_criteria = {})
  return nil unless exists?

  validated = has_statement__validate_criteria(raw_criteria)
  criteria = has_statement__normalize_criteria(validated)
  @normalized_statements ||= has_statement__normalize_statements
  candidates = has_statement__focus_on_sid(@normalized_statements, criteria)
  candidates.any? do |statement|
    has_statement__effect(statement, criteria) &&
      has_statement__array_criterion(:action, statement, criteria) &&
      has_statement__array_criterion(:resource, statement, criteria)
  end
end
#policy ⇒ Object
# File 'lib/resources/aws/aws_iam_policy.rb', line 72
# Returns the parsed policy document of the default policy version.
#
# On first use it asks the backend for the version identified by arn and
# default_version_id, URL-decodes the returned document and parses it as JSON.
# The result is memoized in @policy.
#
# Only the default version is fetched; other stored versions of the policy are
# not inspected by this method.
# NOTE(review): @policy is assigned inside the catch_aws_errors block. If that
# helper absorbs an API error (its behaviour is not shown here), @policy stays
# undefined, nil is returned, and the next call retries the request.
# NOTE(review): URI.decode_www_form_component also turns a literal "+" into a
# space. Confirm the API never returns an unescaped "+" in the document.
#
# @return [Hash, nil] the parsed document, or nil when the policy does not exist
def policy
  return nil unless exists?
  return @policy if defined?(@policy)

  catch_aws_errors do
    client = BackendFactory.create(inspec_runner)
    response = client.get_policy_version(policy_arn: arn, version_id: default_version_id)
    encoded_document = response.policy_version.document
    @policy = JSON.parse(URI.decode_www_form_component(encoded_document))
  end
  @policy
end
#statement_count ⇒ Object
# File 'lib/resources/aws/aws_iam_policy.rb', line 84
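# Number of statements in the policy document returned by #policy.
#
# IAM accepts a document whose "Statement" element is a single statement
# object instead of an array of them. Calling count on that Hash would return
# the number of keys in the statement (Effect, Action, ...) rather than the
# number of statements, so a lone statement object is counted as 1.
#
# @return [Integer, nil] the statement count, or nil when the policy does not
#   exist
def statement_count
  return nil unless exists?

  statements = policy['Statement']
  statements.is_a?(Hash) ? 1 : statements.count
end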
#to_s ⇒ Object
# File 'lib/resources/aws/aws_iam_policy.rb', line 34
# Human-readable label for this resource: the word "Policy" followed by the
# value of @policy_name.
#
# @return [String] the label; the name part is empty when @policy_name is nil
def to_s
  name = @policy_name
  "Policy #{name}"
end