class StackMaster::RoleAssumer
Constants
- BlockNotSpecified
Public Class Methods
new()
click to toggle source
# File lib/stack_master/role_assumer.rb, line 7 def initialize @credentials = {} end
Public Instance Methods
assume_role(account, role, &block)
click to toggle source
# File lib/stack_master/role_assumer.rb, line 11 def assume_role(account, role, &block) raise BlockNotSpecified unless block_given? raise ArgumentError, "Both 'account' and 'role' are required to assume a role" if account.nil? || role.nil? role_credentials = assume_role_credentials(account, role) with_temporary_credentials(role_credentials) do with_temporary_cf_driver do block.call end end end
Private Instance Methods
assume_role_credentials(account, role)
click to toggle source
# File lib/stack_master/role_assumer.rb, line 44 def assume_role_credentials(account, role) credentials_key = "#{account}:#{role}" @credentials.fetch(credentials_key) do @credentials[credentials_key] = Aws::AssumeRoleCredentials.new( region: StackMaster.cloud_formation_driver.region, role_arn: "arn:aws:iam::#{account}:role/#{role}", role_session_name: "stack-master-role-assumer" ) end end
with_temporary_cf_driver(&block)
click to toggle source
# File lib/stack_master/role_assumer.rb, line 34 def with_temporary_cf_driver(&block) original_driver = StackMaster.cloud_formation_driver new_driver = original_driver.class.new new_driver.set_region(original_driver.region) StackMaster.cloud_formation_driver = new_driver block.call ensure StackMaster.cloud_formation_driver = original_driver end
with_temporary_credentials(credentials, &block)
click to toggle source
# File lib/stack_master/role_assumer.rb, line 25 def with_temporary_credentials(credentials, &block) original_aws_config = Aws.config Aws.config = original_aws_config.deep_dup Aws.config[:credentials] = credentials block.call ensure Aws.config = original_aws_config end