class S3Secure::Policy::Document::ForceSSLOnlyAccess
Public Instance Methods
full_policy_document()
click to toggle source
# File lib/s3_secure/policy/document/force_ssl_only_access.rb, line 17 def full_policy_document {"Version"=>"2012-10-17", "Statement"=>[ssl_enforce_statement]} end
policy_document()
click to toggle source
# File lib/s3_secure/policy/document/force_ssl_only_access.rb, line 3 def policy_document if @bucket_policy.blank? full_policy_document else updated_policy_document end end
ssl_enforce_statement()
click to toggle source
# File lib/s3_secure/policy/document/force_ssl_only_access.rb, line 22 def ssl_enforce_statement { "Sid"=>"ForceSSLOnlyAccess", "Effect"=>"Deny", "Principal"=>"*", "Action"=>"s3:GetObject", "Resource"=>"arn:aws:s3:::#{@bucket}/*", "Condition"=>{"Bool"=>{"aws:SecureTransport"=>"false"}} } end
updated_policy_document()
click to toggle source
# File lib/s3_secure/policy/document/force_ssl_only_access.rb, line 11 def updated_policy_document policy = JSON.load(@bucket_policy) policy["Statement"] << ssl_enforce_statement unless checker.has?("ForceSSLOnlyAccess") policy end