Class: Jets::Cfn::TemplateBuilders::RuleBuilder

Inherits:

BaseChildBuilder

• Object
• BaseChildBuilder
• Jets::Cfn::TemplateBuilders::RuleBuilder

Defined in:

lib/jets/cfn/template_builders/rule_builder.rb

Instance Method Summary

• #add_aws_managed_rule(rule, map) ⇒ Object
• #add_config_rule(task, map) ⇒ Object
• #add_config_rules ⇒ Object
• #add_permission(map) ⇒ Object
• #compose ⇒ Object

Methods inherited from BaseChildBuilder

#add_class_iam_policy, #add_common_parameters, #add_function, #add_function_iam_policy, #add_functions, #initialize, #template_path

Methods included from Interface

#add_output, #add_parameter, #add_resource, #build, #post_process_template, #template, #text, #write

Constructor Details

This class inherits a constructor from Jets::Cfn::TemplateBuilders::BaseChildBuilder

Instance Method Details

#add_aws_managed_rule(rule, map) ⇒ Object

# File 'lib/jets/cfn/template_builders/rule_builder.rb', line 27

def add_aws_managed_rule(rule, map)
  # Usually we build the properties with the mappers but in the case for
  # a config_rule it makes more sense to grab properties from the task
  # using config_rule_properties
  add_resource(map.logical_id, "AWS::Config::ConfigRule",
    Properties: rule.config_rule_properties
  )
end

#add_config_rule(task, map) ⇒ Object

# File 'lib/jets/cfn/template_builders/rule_builder.rb', line 36

def add_config_rule(task, map)
  # Usually we build the properties with the mappers but in the case for
  # a config_rule it makes more sense to grab properties from the task
  # using config_rule_properties
  add_resource(map.logical_id, "AWS::Config::ConfigRule",
    Properties: task.config_rule_properties,
    DependsOn: map.permission_logical_id
  )
  # Example:
  # add_resource("GameRuleProtectConfigRule", "AWS::Config::ConfigRule",
  #   "ConfigRuleName" : String,
  #   "Description" : String,
  #   "InputParameters" : { ParameterName : Value },
  #   "MaximumExecutionFrequency" : String,
  #   "Scope" : Scope,
  #   "Source" : Source
  # )
end

#add_config_rules ⇒ Object

# File 'lib/jets/cfn/template_builders/rule_builder.rb', line 9

def add_config_rules
  # Handle config_rules associated with lambda functions.
  # @app_klass is PostsController, HardRule, Hello, or HelloFunction, or GameRule
  @app_klass.tasks.each do |task|
    map = Jets::Cfn::TemplateMappers::ConfigRuleMapper.new(task)

    add_config_rule(task, map)
    add_permission(map)
  end

  # Handle config_rules associated with aws managed rules.
  # List of AWS Config Managed Rules: https://amzn.to/2BOt9KN
  @app_klass.managed_rules.each do |rule|
    map = Jets::Cfn::TemplateMappers::ConfigRuleMapper.new(rule)
    add_aws_managed_rule(rule, map)
  end
end

#add_permission(map) ⇒ Object

# File 'lib/jets/cfn/template_builders/rule_builder.rb', line 55

def add_permission(map)
  add_resource(map.permission_logical_id, "AWS::Lambda::Permission",
    FunctionName: "!GetAtt #{map.lambda_function_logical_id}.Arn",
    Action: "lambda:InvokeFunction",
    Principal: "config.amazonaws.com"
  )
  # Example:
  # add_resource("GameRuleProtectConfigRulePermission", "AWS::Lambda::Permission",
  #   FunctionName: "!GetAtt GameRuleProtectLambdaFunction.Arn",
  #   Action: "lambda:InvokeFunction",
  #   Principal: "config.amazonaws.com",
  #   SourceArn: "!GetAtt ScheduledEventHardRuleDig.Arn"
  # )
end

#compose ⇒ Object

# File 'lib/jets/cfn/template_builders/rule_builder.rb', line 3

def compose
  add_common_parameters
  add_functions
  add_config_rules
end