Class: Jets::Cfn::Resource::ApiGateway::BasePath::Role
- Extended by:
- Memoist
- Includes:
- AwsServices
- Defined in:
- lib/jets/cfn/resource/api_gateway/base_path/role.rb
Instance Method Summary collapse
- #definition ⇒ Object
- #policy_document ⇒ Object
-
#rest_api_id ⇒ Object
Duplicated in rest_api/change_detection.rb, base_path/role.rb, rest_api/routes.rb.
Methods included from AwsServices
#apigateway, #aws_lambda, #aws_options, #cfn, #dynamodb, #logs, #s3, #s3_resource, #sns, #sqs, #sts
Methods included from AwsServices::StackStatus
#lookup, #stack_exists?, #stack_in_progress?
Methods included from AwsServices::GlobalMemoist
Methods inherited from Base
#attributes, #logical_id, #outputs, #parameters, #permission, #properties, #replacements, #replacer, #standarize, #template, truncate_id, #type
Methods included from Util::Camelize
Instance Method Details
#definition ⇒ Object
6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 |
# File 'lib/jets/cfn/resource/api_gateway/base_path/role.rb', line 6 def definition { BasePathRole: { Type: "AWS::IAM::Role", Properties: { # RoleName: role_name, Path: "/", AssumeRolePolicyDocument: { Version: "2012-10-17", Statement: [{ Effect: "Allow", Principal: {Service: ["lambda.amazonaws.com"]}, Action: ["sts:AssumeRole"]} ] }, Policies: [ PolicyName: "base-path-mapping-policy", # cannot be empty PolicyDocument: policy_document, ] }, } } end |
#policy_document ⇒ Object
30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 |
# File 'lib/jets/cfn/resource/api_gateway/base_path/role.rb', line 30 def policy_document project_namespace = Jets.project_namespace default_policy_statements = Jets.application.config.default_iam_policy # Array of Hashes apigateway = [{ Action: [ "apigateway:*" ], Effect: "Allow", Resource: "arn:aws:apigateway:#{Jets.aws.region}::/restapis/*", # scoped to all restapis because this changes },{ Action: [ "apigateway:*" ], Effect: "Allow", Resource: "arn:aws:apigateway:#{Jets.aws.region}::/domainnames/*", # scoped to all restapis because this changes }] cloudformation = [{ Action: ["cloudformation:DescribeStacks"], Effect: "Allow", Resource: "arn:aws:cloudformation:#{Jets.aws.region}:#{Jets.aws.account}:stack/#{project_namespace}*", }] # Combine the statements { Version: '2012-10-17', Statement: default_policy_statements + apigateway + cloudformation } end |
#rest_api_id ⇒ Object
Duplicated in rest_api/change_detection.rb, base_path/role.rb, rest_api/routes.rb
56 57 58 59 60 61 62 63 64 65 66 67 |
# File 'lib/jets/cfn/resource/api_gateway/base_path/role.rb', line 56 def rest_api_id stack_name = Jets::Names.parent_stack_name return "RestApi" unless stack_exists?(stack_name) stack = cfn.describe_stacks(stack_name: stack_name).stacks.first api_gateway_stack_arn = lookup(stack[:outputs], "ApiGateway") # resources = cfn.describe_stack_resources(stack_name: api_gateway_stack_arn).stack_resources stack = cfn.describe_stacks(stack_name: api_gateway_stack_arn).stacks.first rest_api_id = lookup(stack[:outputs], "RestApi") end |