class Awscli::Iam::Roles
Public Class Methods
new(connection)
# File lib/awscli/iam.rb, line 377
# Stores the IAM connection object that create_role, delete_role and list
# send their requests through.
#
# @param connection the connection used for all role requests
def initialize(connection)
  @conn = connection
end
Public Instance Methods
create_role(rolename, document, path)
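# File lib/awscli/iam.rb, line 386
# Creates an IAM role whose assume-role (trust) policy is read from a JSON file.
#
# The document decides which principals may assume the role, so its
# "Principal" entries deserve a review before the role is created.
#
# Aborts the process when the file is missing or does not hold valid JSON.
# Errors raised by the connection as Fog::AWS::IAM::Error are printed, not raised.
#
# @param rolename name of the role to create
# @param document path of the JSON policy file (expanded with File.expand_path)
# @param path     role path handed unchanged to the connection
def create_role(rolename, document, path)
  #TODO: Build document in line from options use iam-rolecreate as reference
  doc_path = File.expand_path(document)
  # The original message interpolated an undefined `file_path`, which raised
  # NameError instead of printing the path. File.file? also rejects directories.
  abort "Invalid file path: #{doc_path}" unless File.file?(doc_path)
  json_string = File.read(doc_path)
  abort "Invalid JSON format found in the document: #{document}" unless valid_json?(json_string)
  begin
    @conn.create_role(rolename, JSON.parse(json_string), path)
    # Example document, AssumeRolePolicyDocument={"Version":"2008-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":["ec2.amazonaws.com"]},"Action":["sts:AssumeRole"]}]}
    puts "Created role: #{rolename}"
  rescue Fog::AWS::IAM::Error => e
    puts "[Error]: #{e}"
  end
end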
delete_role(rolename)
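# File lib/awscli/iam.rb, line 399
# Deletes an IAM role and prints the outcome.
#
# When the service refuses because the role is still attached to an instance
# profile, the attached profile names are looked up and printed together with
# the command that detaches them.
#
# @param rolename name of the role to delete
def delete_role(rolename)
  @conn.delete_role(rolename)
  puts "Deleted Role #{rolename}"
rescue Fog::AWS::IAM::NotFound, Fog::AWS::IAM::Error => e
  puts "[Error]: #{e}"
  if e.to_s =~ /must remove roles from instance profile first/
    # Query the role being deleted; the original passed the literal 'test' and
    # so reported the profiles of an unrelated role.
    profiles = @conn.list_instance_profiles_for_role(rolename).body['InstanceProfiles'].map { |k| k['InstanceProfileName'] }
    puts "Associated instance profile name: #{profiles}, delete the instance profile using `awscli iam profiles delete-role --profile-name=NAME --role-name=NAME`"
  end
end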
list()
# File lib/awscli/iam.rb, line 381
# Prints the roles returned by the connection as a table with the columns
# Arn, RoleName, Path and RoleId.
#
# NOTE(review): only the 'Roles' array of one list_roles response is shown;
# if the service truncates long listings, later pages are not fetched here.
# Confirm before relying on this output as a complete role inventory.
def list
  columns = %w(Arn RoleName Path RoleId)
  Formatador.display_table(@conn.list_roles.body['Roles'], columns)
end
valid_json?(json_string)
# File lib/awscli/iam.rb, line 412
# Reports whether a string parses as JSON.
#
# @param json_string the text to check
# @return [Boolean] true when JSON.parse accepts the text, false when it
#   raises JSON::ParserError; other exceptions are not caught here
def valid_json?(json_string)
  begin
    JSON.parse(json_string)
    true
  rescue JSON::ParserError
    false
  end
end