class Convection::Model::Template::Resource::IAMUser
Example:
# Declares an IAM user resource named 'User' carrying one inline policy,
# 'bucket-policy', with a single allow statement.
iam_user 'User' do
  path "/my_path/region/example-cloud/"
  # NOTE(review): presumably requests an access key for this user; confirm
  # against the DSL. A long-lived key needs a storage and rotation plan.
  with_key
  policy 'bucket-policy' do
    allow do
      # Two resources in one statement: presumably the bucket's objects ('*')
      # and the bucket itself; confirm how s3_resource builds the ARN.
      s3_resource 'bucket.blah.com', '*'
      s3_resource 'bucket.blah.com'

      # Every action below applies to both resources above. In IAM,
      # s3:ListBucket is a bucket-level action and the three *Object actions
      # are object-level, so two statements (one per resource) would state the
      # same grant more tightly.
      action 's3:GetObject'
      action 's3:PutObject'
      action 's3:DeleteObject'
      action 's3:ListBucket'
    end
  end
end
Public Instance Methods
additional_hcl_files(module_path: 'root')
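# File lib/convection/model/template/resource/aws_iam_user.rb, line 67
#
# Builds the Terraform JSON documents that describe this IAM user as a
# Terraform module. Four entries are returned, in this order:
#
# 1. the module call (source, managed_policy_arns, name, path),
# 2. the module's variable declarations,
# 3. the aws_iam_user resource, reading var.name and var.path,
# 4. one aws_iam_user_policy per inline policy, followed by a counted
#    aws_iam_user_policy_attachment for the managed policy ARNs.
#
# Only these three resource types are emitted here; nothing in this method
# writes an access-key resource.
#
# @param module_path [String] module location, passed to
#   _terraform_module_flag_to_dir to produce the module `source`
# @return [Hash{String => Hash}] file name => document to serialize
def additional_hcl_files(module_path: 'root')
  # NOTE(review): the prefix is assigned only when module_path is 'root'
  # (where tr has nothing to replace); any other value leaves it nil, which
  # interpolates as an empty string below. This reads as if `unless` was
  # intended. Left unchanged because it decides the emitted file names.
  module_prefix = module_path.tr('.', '-') if module_path == 'root'
  resource_key = name.underscore
  user_ref = "${aws_iam_user.#{resource_key}.id}"
  result = {}

  # Prefer the explicitly configured user name; otherwise fall back to the
  # physical resource id recorded on the stack resource of the same name.
  user = user_name || begin
    existing = stack.resources[name]
    existing && existing.physical_resource_id
  end

  result["#{stack._original_region}-#{stack._original_cloud}-#{resource_key}.tf.json"] = {
    module: [{
      resource_key => {
        source: _terraform_module_flag_to_dir(module_path),
        managed_policy_arns: managed_policy_arn,
        name: user,
        path: path
      }
    }]
  }

  result["#{module_prefix}#{resource_key}-variables.tf.json"] = {
    variable: [
      {
        managed_policy_arns: {
          description: 'A list of ARNs for managed policies to attach to this user.',
          default: []
        }
      },
      { name: { description: 'The name of the user' } },
      # The fallback value belongs under `default`, as for managed_policy_arns
      # above. It was previously emitted under a `path` key, which is not a
      # Terraform variable argument.
      { path: { description: 'The path for the IAM user', default: '/' } }
    ]
  }

  result["#{module_prefix}#{resource_key}-user.tf.json"] = {
    resource: [
      { aws_iam_user: { resource_key => { name: '${var.name}', path: '${var.path}' } } }
    ]
  }

  # NOTE(review): the rendered policy document is embedded as a string value.
  # Terraform interpolates `${...}` inside strings, so a document that uses
  # IAM policy variables (e.g. `${aws:username}`) would presumably need `$${`
  # escaping. Confirm what policy.render can contain.
  policy_resources = policies.map do |policy|
    {
      aws_iam_user_policy: {
        policy.name.underscore => {
          name: policy.name,
          policy: policy.render.to_json,
          user: user_ref
        }
      }
    }
  end

  # One attachment per managed policy ARN, selected by count.index.
  policy_resources << {
    aws_iam_user_policy_attachment: {
      "#{resource_key}_managed" => {
        count: managed_policy_arn.count,
        user: user_ref,
        policy_arn: '${element(var.managed_policy_arns, count.index)}'
      }
    }
  }

  result["#{module_prefix}#{resource_key}-policy.tf.json"] = { resource: policy_resources }
  result
end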