class Terraforming::Resource::IAMPolicyAttachment

Public Class Methods

new(client)
# File lib/terraforming/resource/iam_policy_attachment.rb, line 14
# Stores the AWS IAM client that every query in this resource goes through.
#
# client - object answering list_policies and list_entities_for_policy
#          (the class-level helpers default it to Aws::IAM::Client.new).
#          Whatever credentials that client carries decide which account
#          is enumerated.
def initialize(client)
  @client = client
end
tf(client: Aws::IAM::Client.new)
# File lib/terraforming/resource/iam_policy_attachment.rb, line 6
# Class-level shortcut: builds an instance around +client+ and returns
# whatever its #tf produces.
#
# client - IAM client to query; when omitted a fresh Aws::IAM::Client is
#          constructed, so the SDK's ambient credential and region
#          resolution applies.
def self.tf(client: Aws::IAM::Client.new)
  new(client).tf
end
tfstate(client: Aws::IAM::Client.new)
# File lib/terraforming/resource/iam_policy_attachment.rb, line 10
# Class-level shortcut: builds an instance around +client+ and returns
# whatever its #tfstate produces.
#
# client - IAM client to query; when omitted a fresh Aws::IAM::Client is
#          constructed, so the SDK's ambient credential and region
#          resolution applies.
def self.tfstate(client: Aws::IAM::Client.new)
  new(client).tfstate
end

Public Instance Methods

tf()
# File lib/terraforming/resource/iam_policy_attachment.rb, line 18
# Hands the stored client and the "tf/iam_policy_attachment" template
# path to apply_template and returns its result.
# NOTE(review): apply_template is defined outside this listing; presumably
# it renders Terraform configuration from the template - confirm.
def tf
  template_path = "tf/iam_policy_attachment"
  apply_template(@client, template_path)
end
tfstate()
# File lib/terraforming/resource/iam_policy_attachment.rb, line 22
# Builds the resources section of a Terraform state for every attached
# policy returned by iam_policy_attachments.
#
# Returns a Hash keyed "aws_iam_policy_attachment.<module name>"; each value
# carries the resource type and a "primary" entry with the id and attributes.
#
# Review notes for anyone importing this state:
# - Only the sizes of the group/user/role sets are written ("groups.#" etc.);
#   no per-member entries are emitted here, so the state does not record
#   which principals hold the policy.
# - Terraform's aws_iam_policy_attachment manages a policy's attachments
#   exclusively: principals missing from the configuration are detached on
#   apply. Check the plan against the live attachments before applying.
# - Two attachments whose module names are equal share one key, and the later
#   one overwrites the earlier one without any warning.
def tfstate
  iam_policy_attachments.each_with_object({}) do |attachment, state|
    attachment_name = attachment[:name]
    entities = attachment[:entities]

    # Terraform flat-map convention: "<set>.#" holds the element count as a string.
    attributes = {
      "id" => attachment_name,
      "name" => attachment_name,
      "policy_arn" => attachment[:arn],
      "groups.#" => entities.policy_groups.length.to_s,
      "users.#" => entities.policy_users.length.to_s,
      "roles.#" => entities.policy_roles.length.to_s,
    }

    resource_key = "aws_iam_policy_attachment.#{module_name_of(attachment)}"
    state[resource_key] = {
      "type" => "aws_iam_policy_attachment",
      "primary" => {
        "id" => attachment_name,
        "attributes" => attributes
      }
    }
  end
end

Private Instance Methods

attachment_name_from(policy)
# File lib/terraforming/resource/iam_policy_attachment.rb, line 46
# Derives the attachment name by appending "-policy-attachment" to the
# policy's name.
#
# The name depends on policy_name alone (not the ARN), so two policies that
# report the same policy_name yield the same attachment name.
def attachment_name_from(policy)
  base_name = policy.policy_name
  "#{base_name}-policy-attachment"
end
entities_for_policy(policy)
# File lib/terraforming/resource/iam_policy_attachment.rb, line 50
# Collects every group, user and role the given policy is attached to.
#
# list_entities_for_policy returns its three member lists page by page, so
# each page is folded into one combined ListEntitiesForPolicyResponse.
# Walking all pages matters for review: stopping at the first page would
# under-report who holds the policy.
#
# policy - object answering #arn.
# Returns the combined response with policy_groups, policy_users and
# policy_roles filled in (each an empty Array when nothing is attached).
def entities_for_policy(policy)
  groups = []
  users = []
  roles = []

  @client.list_entities_for_policy(policy_arn: policy.arn).each do |page|
    groups.concat(page.policy_groups)
    users.concat(page.policy_users)
    roles.concat(page.policy_roles)
  end

  combined = Aws::IAM::Types::ListEntitiesForPolicyResponse.new
  combined.policy_groups = groups
  combined.policy_users = users
  combined.policy_roles = roles
  combined
end
iam_policies()
# File lib/terraforming/resource/iam_policy_attachment.rb, line 67
# Lists every policy that has at least one attachment, across all result pages.
#
# scope: "All" asks IAM for AWS-managed as well as customer-managed policies,
# so the export can include attachments of policies the account does not own.
# only_attached: true leaves out policies with no attachment.
def iam_policies
  pages = @client.list_policies(scope: "All", only_attached: true)
  pages.map { |page| page.policies }.flatten
end
iam_policy_attachments()
# File lib/terraforming/resource/iam_policy_attachment.rb, line 71
# Turns each policy from iam_policies into a plain Hash describing its
# attachment: the policy ARN, the entities it is attached to, and the
# derived attachment name.
#
# Issues one entities_for_policy lookup per policy.
def iam_policy_attachments
  iam_policies.map do |policy|
    attached_entities = entities_for_policy(policy)
    attachment_name = attachment_name_from(policy)

    { arn: policy.arn, entities: attached_entities, name: attachment_name }
  end
end
module_name_of(policy_attachment)
# File lib/terraforming/resource/iam_policy_attachment.rb, line 81
# Returns the Terraform resource name for an attachment Hash by passing its
# :name through normalize_module_name.
# NOTE(review): normalize_module_name is defined outside this listing; if it
# maps distinct names to the same output, the resulting resource names
# collide - confirm against its implementation.
def module_name_of(policy_attachment)
  raw_name = policy_attachment[:name]
  normalize_module_name(raw_name)
end