Class: Jets::Cfn::Resource::ApiGateway::BasePath::Role

Inherits:
Base
  • Object
show all
Extended by:
Memoist
Includes:
AwsServices
Defined in:
lib/jets/cfn/resource/api_gateway/base_path/role.rb

Instance Method Summary collapse

Methods included from AwsServices

#apigateway, #aws_lambda, #aws_options, #cfn, #dynamodb, #logs, #s3, #s3_resource, #sns, #sqs, #sts

Methods included from AwsServices::StackStatus

#lookup, #stack_exists?, #stack_in_progress?

Methods included from AwsServices::GlobalMemoist

included

Methods inherited from Base

#attributes, #logical_id, #outputs, #parameters, #permission, #properties, #replacements, #replacer, #standarize, #template, truncate_id, #type

Methods included from Util::Camelize

#camelize

Instance Method Details

#definitionObject 



6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
 
# File 'lib/jets/cfn/resource/api_gateway/base_path/role.rb', line 6

def definition
  {
    BasePathRole: {
      Type: "AWS::IAM::Role",
      Properties: {
        # RoleName: role_name,
        Path: "/",
        AssumeRolePolicyDocument: {
          Version: "2012-10-17",
          Statement: [{
            Effect: "Allow",
            Principal: {Service: ["lambda.amazonaws.com"]},
            Action: ["sts:AssumeRole"]}
          ]
        },
        Policies: [
          PolicyName: "base-path-mapping-policy", # cannot be empty
          PolicyDocument: policy_document,
        ]
      },
    }
  }
end

#policy_documentObject 



30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
 
# File 'lib/jets/cfn/resource/api_gateway/base_path/role.rb', line 30

def policy_document
  project_namespace = Jets.project_namespace
  default_policy_statements = Jets.application.config.default_iam_policy # Array of Hashes
  apigateway = [{
    Action: [ "apigateway:*" ],
    Effect: "Allow",
    Resource: "arn:aws:apigateway:#{Jets.aws.region}::/restapis/*", # scoped to all restapis because this changes
  },{
    Action: [ "apigateway:*" ],
    Effect: "Allow",
    Resource: "arn:aws:apigateway:#{Jets.aws.region}::/domainnames/*", # scoped to all restapis because this changes
  }]
  cloudformation = [{
    Action: ["cloudformation:DescribeStacks"],
    Effect: "Allow",
    Resource: "arn:aws:cloudformation:#{Jets.aws.region}:#{Jets.aws.}:stack/#{project_namespace}*",
  }]

  # Combine the statements
  {
    Version: '2012-10-17',
    Statement: default_policy_statements + apigateway + cloudformation
  }
end

#rest_api_idObject

Duplicated in rest_api/change_detection.rb, base_path/role.rb, rest_api/routes.rb



56
57
58
59
60
61
62
63
64
65
66
67
 
# File 'lib/jets/cfn/resource/api_gateway/base_path/role.rb', line 56

def rest_api_id
  stack_name = Jets::Names.parent_stack_name
  return "RestApi" unless stack_exists?(stack_name)

  stack = cfn.describe_stacks(stack_name: stack_name).stacks.first

  api_gateway_stack_arn = lookup(stack[:outputs], "ApiGateway")

  # resources = cfn.describe_stack_resources(stack_name: api_gateway_stack_arn).stack_resources
  stack = cfn.describe_stacks(stack_name: api_gateway_stack_arn).stacks.first
  rest_api_id = lookup(stack[:outputs], "RestApi")
end