diff --git a/lib/fog/aws/iam.rb b/lib/fog/aws/iam.rb
index a75466efd..aab437ecf 100644
--- a/lib/fog/aws/iam.rb
+++ b/lib/fog/aws/iam.rb
@@ -78,6 +78,8 @@ module Fog collection :policies model :access_key collection :access_keys + model :role + collection :roles class Mock
diff --git a/lib/fog/aws/models/iam/role.rb b/lib/fog/aws/models/iam/role.rb
new file mode 100644
index 000000000..d0abea26c
--- /dev/null
+++ b/lib/fog/aws/models/iam/role.rb
@@ -0,0 +1,36 @@
+require 'fog/core/model'
+
+module Fog
+ module AWS
+ class IAM
+
+ class Role < Fog::Model
+
+ identity :id, :aliases => 'RoleId'
+ attribute :rolename, :aliases => 'RoleName'
+ attribute :create_date, :aliases => 'CreateDate', :type => :time
+ attribute :assume_role_policy_document, :aliases => 'AssumeRolePolicyDocument'
+ attribute :arn, :aliases => 'Arn'
+ attribute :path, :aliases => 'Path'
+
+ def save
+ raise Fog::Errors::Error.new('Resaving an existing object may create a duplicate') if persisted?
+ requires :rolename
+ requires :assume_role_policy_document
+
+ data = service.create_role(rolename, assume_role_policy_document).body["Role"]
+ merge_attributes(data)
+ true
+ end
+
+ def destroy
+ requires :rolename
+
+ service.delete_role(rolename)
+ true
+ end
+
+ end
+ end
+ end
+end
\ No newline at end of file
diff --git a/lib/fog/aws/models/iam/roles.rb b/lib/fog/aws/models/iam/roles.rb
new file mode 100644
index 000000000..906d528b4
--- /dev/null
+++ b/lib/fog/aws/models/iam/roles.rb
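Review bot: In `lib/fog/aws/models/iam/role.rb`, `save` never sends `path` to the service: the call is `service.create_role(rolename, assume_role_policy_document)`, although the model declares a `path` attribute and the new 'assigns path' test expects a custom path to survive `create`. As written, `merge_attributes(data)` replaces whatever path the caller set with the one in the response. IAM paths are part of the role ARN and are commonly used to scope policies, so a role that silently lands under `/` can fall outside the permissions boundary the caller intended. If `create_role` accepts a path argument (its signature is not shown in this diff), pass it through, e.g. `data = service.create_role(rolename, assume_role_policy_document, path || '/').body["Role"]`.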
@@ -0,0 +1,40 @@
+require 'fog/core/collection'
+require 'fog/aws/models/iam/role'
+
+module Fog
+ module AWS
+ class IAM
+
+ class Roles < Fog::Collection
+
+ model Fog::AWS::IAM::Role
+
+ def initialize(attributes = {})
+ super
+ end
+
+ def all
+ data = service.list_roles.body['Roles']
+ load(data)
+ end
+
+ def get(identity)
+ role = nil
+ begin
+ role = service.roles.new( service.get_role( identity ).data[:body]["Role"] )
+ rescue Excon::Errors::NotFound # ignore not found error
+ end
+ role
+ end
+
+ def new(attributes = {})
+ if not attributes.has_key?(:assume_role_policy_document)
+ attributes[:assume_role_policy_document] = Fog::AWS::IAM::EC2_ASSUME_ROLE_POLICY.to_s
+ end
+ super
+ end
+
+ end
+ end
+ end
+end
diff --git a/tests/aws/models/iam/roles_tests.rb b/tests/aws/models/iam/roles_tests.rb
new file mode 100644
index 000000000..338a4ce13
--- /dev/null
+++ b/tests/aws/models/iam/roles_tests.rb
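Review bot: In `lib/fog/aws/models/iam/roles.rb`, the `new` override injects `EC2_ASSUME_ROLE_POLICY` whenever the symbol key `:assume_role_policy_document` is absent, and `get` routes the `get_role` response through that same `new`. That response is presumably keyed by the API name (the model aliases `'AssumeRolePolicyDocument'`), so the check misses it and the default is added after the real value; assuming attributes are merged in hash order, a fetched role would report the default trust policy instead of its own, which misleads anyone auditing who can assume it. The same default means a role created without an explicit trust policy is, judging by the constant's name, assumable by the EC2 service without the caller having asked for that, and the caller's hash is mutated along the way. Apply the default only on the create path and guard it with `unless attributes.key?(:assume_role_policy_document) || attributes.key?('AssumeRolePolicyDocument')`, with a comment above `new` stating which trust policy is applied by default.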
@@ -0,0 +1,63 @@
+Shindo.tests("Fog::Compute[:iam] | roles", ['aws','iam']) do
+
+ pending if Fog.mocking?
+
+ @iam = Fog::AWS[:iam]
+ @role_one_name = 'fake_role_one'
+ @role_two_name = 'fake_role_two'
+
+ @role_three_name = 'fake_role_three'
+ @role_three_path = '/path/to/fake_role_three/'
+ @role_four_name = 'fake_role_four'
+
+ tests('#create').succeeds do
+ @role_one = @iam.roles.create(:rolename => @role_one_name)
+ @role_one.rolename == @role_one_name
+ end
+
+ tests('#all','there is only one role').succeeds do
+ @iam.roles.size == 1
+ end
+
+ tests('#all','the only role should match').succeeds do
+ @iam.roles.first.rolename == @role_one_name
+ end
+
+ tests('#create','a second role').succeeds do
+ @role_two = @iam.roles.create(:rolename => @role_two_name)
+ @role_two.rolename == @role_two_name
+ end
+
+ tests('#all','there are two roles').succeeds do
+ @iam.roles.size == 2
+ end
+
+ tests('#get','an existing role').succeeds do
+ @iam.roles.get(@role_one_name).rolename == @role_one_name
+ end
+
+ tests('#get',"returns nil if the role doesn't exists").succeeds do
+ @iam.roles.get('non-exists') == nil
+ end
+
+ tests('#create', 'assigns path').succeeds do
+ @role_three = @iam.roles.create(:rolename => @role_three_name, :path => @role_three_path)
+ @role_three.path == @role_three_path
+ end
+
+ tests('#create', 'defaults path to /').succeeds do
+ @role_four = @iam.roles.create(:rolename => @role_four_name)
+ @role_four.path == '/'
+ end
+
+ tests('#destroy','an existing role').succeeds do
+ @iam.roles.get(@role_one_name).destroy
+ end
+
+ tests('#destroy','clean up remaining roles').succeeds do
+ @iam.roles.get(@role_two_name).destroy
+ @iam.roles.get(@role_three_name).destroy
+ @iam.roles.get(@role_four_name).destroy
+ end
+
+end
\ No newline at end of file
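Review bot: The `#all` assertions `@iam.roles.size == 1` and `@iam.roles.size == 2` in `tests/aws/models/iam/roles_tests.rb` only hold in an account with no other IAM roles, and the file runs solely against a real account (`pending if Fog.mocking?`). Assert on names instead, e.g. `@iam.roles.map { |r| r.rolename }.include?(@role_one_name)`. The final cleanup block destroys three roles in sequence, so if one `get` returns nil the resulting `NoMethodError` skips the remaining deletions and leaves `fake_role_*` roles, created with the default trust policy, behind in that account; each deletion should tolerate a missing role. The description string `Fog::Compute[:iam]` also does not match the `Fog::AWS[:iam]` service under test.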