class Awscli::Iam::Roles

Public Class Methods

new(connection)
# File lib/awscli/iam.rb, line 377
# Stores the IAM connection that every other method in this class calls.
#
# @param connection [Object] client object that must respond to the IAM
#   calls used in this class (create_role, delete_role, list_roles,
#   list_instance_profiles_for_role)
def initialize(connection)
  @conn = connection
end

Public Instance Methods

create_role(rolename, document, path)
# File lib/awscli/iam.rb, line 386
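# Creates an IAM role whose trust policy (AssumeRolePolicyDocument) is read
# from a local JSON file.
#
# Only the JSON syntax of the document is checked here. Its content is passed
# to the connection unchanged, so a policy with an overly broad Principal is
# accepted as-is; review the document before running this.
#
# Aborts the process when the file is missing or is not valid JSON. An IAM
# error from the connection is printed to stdout and not re-raised, so callers
# cannot detect that failure from the return value.
#
# @param rolename [String] name of the role to create
# @param document [String] path to the JSON trust-policy file
# @param path [String] passed through to the connection's create_role
# @return [nil]
def create_role(rolename, document, path)
  #TODO: Build document in line from options use iam-rolecreate as reference
  doc_path = File.expand_path(document)
  # The original message interpolated an undefined `file_path`, which raised
  # NameError instead of reporting the bad path. File.file? also rejects
  # directories, which File.read cannot open.
  abort "Invalid file path: #{doc_path}" unless File.file?(doc_path)
  json_string = File.read(doc_path)
  # Parse once and reuse the result for both validation and the API call.
  policy = begin
    JSON.parse(json_string)
  rescue JSON::ParserError
    abort "Invalid JSON format found in the document: #{document}"
  end
  @conn.create_role(rolename, policy, path)
  # Example document, AssumeRolePolicyDocument={"Version":"2008-10-17","Statement":[{"Effect":"Allow","Principal":{"Service":["ec2.amazonaws.com"]},"Action":["sts:AssumeRole"]}]}
  puts "Created role: #{rolename}"
rescue Fog::AWS::IAM::Error => e
  puts "[Error]: #{e}"
end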
delete_role(rolename)
# File lib/awscli/iam.rb, line 399
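# Deletes an IAM role and reports the outcome on stdout.
#
# When IAM refuses because the role is still attached to an instance profile,
# the profiles attached to this role are looked up and printed together with
# the command that detaches them. Errors are printed and not re-raised.
#
# @param rolename [String] name of the role to delete
# @return [nil]
def delete_role(rolename)
  @conn.delete_role(rolename)
  puts "Deleted Role #{rolename}"
rescue Fog::AWS::IAM::NotFound, Fog::AWS::IAM::Error => e
  puts "[Error]: #{e}"
  if e.to_s =~ /must remove roles from instance profile first/
    # Query the role being deleted. The original queried the hard-coded role
    # name 'test', so the hint could name instance profiles belonging to a
    # different role and point the operator at the wrong one.
    profile = @conn.list_instance_profiles_for_role(rolename).body['InstanceProfiles'].map { |k| k['InstanceProfileName'] }
    puts "Associated instance profile name: #{profile.to_s}, delete the instance profile using `awscli iam profiles delete-role --profile-name=NAME --role-name=NAME`"
  end
end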
list()
# File lib/awscli/iam.rb, line 381
# Prints the account's IAM roles as a table with the columns Arn, RoleName,
# Path and RoleId.
#
# @return [Object] whatever Formatador.display_table returns
def list
  columns = %w(Arn RoleName Path RoleId)
  role_rows = @conn.list_roles.body['Roles']
  Formatador.display_table(role_rows, columns)
end
valid_json?(json_string)
# File lib/awscli/iam.rb, line 412
# Reports whether the given string parses as JSON.
#
# This is a syntax check only: nothing about the meaning of the document
# (for example the statements of an IAM policy) is inspected.
#
# @param json_string [String] text to check
# @return [Boolean] true when JSON.parse accepts the text, false when it
#   raises JSON::ParserError
def valid_json?(json_string)
  begin
    JSON.parse(json_string)
  rescue JSON::ParserError
    return false
  end
  true
end