class Conjur::Provisioner::AWS::DeleteRole

Attributes

host_factory[RW]

Public Instance Methods

perform()
# File lib/conjur/provisioner/aws.rb, line 55
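# Tears down what was provisioned for the host factory: the IAM role (via
# delete_role) and then the token file in S3 (via delete_s3_token_file).
# Returns the result of delete_s3_token_file.
#
# The S3 delete sits in an +ensure+ so the token file is still removed when
# the IAM teardown raises part-way through. Without it, a failed role
# deletion would leave the token object (presumably the host factory token;
# confirm) behind in the bucket. The IAM error still propagates to the
# caller, unless the S3 delete itself raises, in which case that later error
# is the one the caller sees.
def perform
  begin
    delete_role
  ensure
    token_result = delete_s3_token_file
  end
  token_result
end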
role_name()
# File lib/conjur/provisioner/aws.rb, line 41
# Name of the IAM role for this host factory: the host factory id passed
# through +parameterize+. delete_role also uses this value as the instance
# profile name.
#
# NOTE(review): presumably ActiveSupport's String#parameterize, which is lossy
# (e.g. "prod/web" and "prod web" would both become "prod-web"). Confirm that
# two host factory ids cannot normalise to the same name, since this value
# selects which role gets deleted.
def role_name
  factory_id = host_factory.id
  factory_id.parameterize
end
token_file_name()
# File lib/conjur/provisioner/aws.rb, line 45
# Key of the token file object in the S3 bucket: the host factory id passed
# through +parameterize+ (the same derivation role_name uses).
#
# NOTE(review): if +parameterize+ is the lossy ActiveSupport normaliser, two
# different host factory ids could map to one key. Confirm this cannot happen,
# because delete_s3_token_file deletes whatever object this key names.
def token_file_name
  normalised = host_factory.id.parameterize
  normalised
end
validate()
# File lib/conjur/provisioner/aws.rb, line 49
# Runs the parent class's validation, then requires a host factory to be set.
# Raises RuntimeError ("host_factory is missing") when host_factory is nil or
# false; returns nil otherwise.
def validate
  super

  return if host_factory

  raise "host_factory is missing"
end

Protected Instance Methods

delete_role()
# File lib/conjur/provisioner/aws.rb, line 62
# Removes the IAM role named role_name together with the instance profile of
# the same name. Steps, in order: delete each policy name returned by
# list_role_policies, remove the role from the instance profile, delete the
# instance profile, delete the role. Returns the delete_role response.
#
# Nothing is rescued here, so an error in any step leaves the earlier steps
# applied and the later ones undone.
#
# NOTE(review): only the :policy_names of a single list_role_policies response
# are processed. IAM can truncate that listing, and managed policies attached
# to the role are not handled by this method. Confirm neither case can occur
# for roles created by this provisioner, otherwise delete_role may be refused
# and the role left in place.
def delete_role
  name = role_name

  inline_policy_names = aws_iam.client.list_role_policies(role_name: name)[:policy_names]
  inline_policy_names.each do |policy_name|
    aws_iam.client.delete_role_policy(role_name: name, policy_name: policy_name)
  end

  # The role must leave the instance profile before either can be deleted.
  aws_iam.client.remove_role_from_instance_profile(role_name: name, instance_profile_name: name)
  aws_iam.client.delete_instance_profile(instance_profile_name: name)
  aws_iam.client.delete_role(role_name: name)
end
delete_s3_token_file()
# File lib/conjur/provisioner/aws.rb, line 87
# Deletes the object keyed by token_file_name from the bucket named
# bucket_name, and returns whatever the object's +delete+ call returns.
# No error is rescued here; failures propagate to the caller.
def delete_s3_token_file
  aws_s3.buckets[bucket_name].objects[token_file_name].delete
end