class Convection::Model::Mixin::Policy::Statement

An IAM policy statement

Public Class Methods

new(effect = 'Allow', template = nil) click to toggle source
# File lib/convection/model/mixin/policy.rb, line 86
def initialize(effect = 'Allow', template = nil)
  @effect = effect

  @action = []
  @resource = []

  @template = template
end

Public Instance Methods

render() click to toggle source
# File lib/convection/model/mixin/policy.rb, line 95
def render
  {
    'Effect' => effect,
    'Action' => action
  }.tap do |statement|
    statement['Sid'] = sid unless sid.nil?
    statement['Condition'] = condition unless condition.nil?
    statement['Principal'] = principal unless principal.nil?
    statement['NotPrincipal'] = not_principal unless not_principal.nil?
    statement['Resource'] = resource unless resource.empty? # Avoid failure in CF if empty Resources array is passed
  end
end
s3_resource(bucket, path = nil) click to toggle source
# File lib/convection/model/mixin/policy.rb, line 73
def s3_resource(bucket, path = nil)
  return resource "arn:aws:s3:::#{ bucket }/#{ path }" unless path.nil?
  resource "arn:aws:s3:::#{ bucket }"
end
sns_resource(region, account, topic) click to toggle source
# File lib/convection/model/mixin/policy.rb, line 82
def sns_resource(region, account, topic)
  resource "arn:aws:sns:#{ region }:#{ account }:#{ topic }"
end
sqs_resource(region, account, queue) click to toggle source
# File lib/convection/model/mixin/policy.rb, line 78
def sqs_resource(region, account, queue)
  resource "arn:aws:sqs:#{ region }:#{ account }:#{ queue }"
end