Class: GeoEngineer::IAM::Statement

Inherits:

Object

• Object
• GeoEngineer::IAM::Statement

Defined in:

lib/geoengineer/resources/iam/statement.rb

Overview

A Statement object is a single iam policy statement with a Sid, effect, action, and condition. Used to assist validating IAM policies.

Instance Attribute Summary

• #action ⇒ Object readonly

  Returns the value of attribute action.

• #effect ⇒ Object readonly

  Returns the value of attribute effect.

• #sid ⇒ Object readonly

  Returns the value of attribute sid.

Instance Method Summary

• #initialize(raw) ⇒ Statement constructor

  A new instance of Statement.

• #ip_restriction_exists? ⇒ Boolean
• #ip_restrictions ⇒ Object
• #secure_transport? ⇒ Boolean
• #vpc_restriction_exists? ⇒ Boolean
• #vpc_restrictions ⇒ Object

Constructor Details

#initialize(raw) ⇒ Statement

Returns a new instance of Statement.

# File 'lib/geoengineer/resources/iam/statement.rb', line 9

def initialize(raw)
  @action = raw["Action"]
  @effect = raw["Effect"]
  @raw = raw
  @sid = raw["Sid"]
end

Instance Attribute Details

#action ⇒ Object (readonly)

Returns the value of attribute action.

# File 'lib/geoengineer/resources/iam/statement.rb', line 7

def action
  @action
end

#effect ⇒ Object (readonly)

Returns the value of attribute effect.

# File 'lib/geoengineer/resources/iam/statement.rb', line 7

def effect
  @effect
end

#sid ⇒ Object (readonly)

Returns the value of attribute sid.

# File 'lib/geoengineer/resources/iam/statement.rb', line 7

def sid
  @sid
end

Instance Method Details

#ip_restriction_exists? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/geoengineer/resources/iam/statement.rb', line 28

def ip_restriction_exists?
  return true unless ip_restrictions.empty?
end

#ip_restrictions ⇒ Object

# File 'lib/geoengineer/resources/iam/statement.rb', line 21

def ip_restrictions
  cidr_blocks = []
  cidr_blocks << @raw.dig('Condition', 'IpAddress', 'aws:SourceIP')
  cidr_blocks << @raw.dig('Condition', 'IpAddressIfExists', 'aws:SourceIP')
  cidr_blocks.flatten.compact
end

#secure_transport? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/geoengineer/resources/iam/statement.rb', line 16

def secure_transport?
  secure_transport = @raw.dig('Condition', 'Bool', 'aws:SecureTransport')
  secure_transport == "true"
end

#vpc_restriction_exists? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/geoengineer/resources/iam/statement.rb', line 39

def vpc_restriction_exists?
  return true unless vpc_restrictions.empty?
end

#vpc_restrictions ⇒ Object

# File 'lib/geoengineer/resources/iam/statement.rb', line 32

def vpc_restrictions
  vpcs = []
  vpcs << @raw.dig('Condition', 'StringEqualsifExists', 'aws:sourceVpce')
  vpcs << @raw.dig('Condition', 'ForAnyValue:StringEquals', 'aws:sourceVpce')
  vpcs.flatten.compact
end