1
0
Fork 0
mirror of https://github.com/fog/fog-aws.git synced 2022-11-09 13:50:52 -05:00
fog--fog-aws/lib/fog/aws/requests/iam/create_role.rb
2015-09-01 14:31:13 -07:00

79 lines
2.8 KiB
Ruby

module Fog
module AWS
class IAM
# At the moment this is the only policy you can use
EC2_ASSUME_ROLE_POLICY = <<-JSON
{
"Version":"2008-10-17",
"Statement":[
{
"Effect":"Allow",
"Principal":{
"Service":["ec2.amazonaws.com"]
},
"Action":["sts:AssumeRole"]
}
]
}
JSON
class Real
require 'fog/aws/parsers/iam/single_role'
# Creates a new role for your AWS account
#
# ==== Parameters
# * RoleName<~String>: name of the role to create
# * AssumeRolePolicyDocument<~String>: The policy that grants an entity permission to assume the role.
# * Path<~String>: This parameter is optional. If it is not included, it defaults to a slash (/).
# ==== Returns
# * response<~Excon::Response>:
# * body<~Hash>:
# * 'Role'<~Hash>:
# * 'Arn'<~String> -
# * 'AssumeRolePolicyDocument'<~String<
# * 'Path'<~String> -
# * 'RoleId'<~String> -
# * 'RoleName'<~String> -
# * 'RequestId'<~String> - Id of the request
#
# ==== See Also
# http://docs.amazonwebservices.com/IAM/latest/APIReference/API_CreateRole.html
#
def create_role(role_name, assume_role_policy_document, path = '/')
request(
'Action' => 'CreateRole',
'RoleName' => role_name,
'AssumeRolePolicyDocument' => assume_role_policy_document,
'Path' => path,
:parser => Fog::Parsers::AWS::IAM::SingleRole.new
)
end
end
class Mock
def create_role(role_name, assume_role_policy_document, path = '/')
if data[:roles].key?(role_name)
raise Fog::AWS::IAM::EntityAlreadyExists.new("Role with name #{role_name} already exists")
else
data[:roles][role_name][:path] = path
Excon::Response.new.tap do |response|
response.body = {
'Role' => {
'Arn' => data[:roles][role_name][:arn].strip,
'AssumeRolePolicyDocument' => Fog::JSON.encode(data[:roles][role_name][:assume_role_policy_document]),
'CreateDate' => data[:roles][role_name][:create_date],
'Path' => path || "/",
'RoleId' => data[:roles][role_name][:role_id].strip,
'RoleName' => role_name,
},
'RequestId' => Fog::AWS::Mock.request_id
}
response.status = 200
end
end
end
end
end
end
end