class S3Secure::Policy::Enforce

Public Class Methods

new(options={}) click to toggle source
Calls superclass method S3Secure::AbstractBase::new
# File lib/s3_secure/policy/enforce.rb, line 3
def initialize(options={})
  super
  @sid = options[:sid]
end

Public Instance Methods

run() click to toggle source
# File lib/s3_secure/policy/enforce.rb, line 8
def run
  show = S3Secure::Policy::Show.new(@options)

  bucket_policy = show.policy
  document = Document.new(@bucket, bucket_policy)
  if document.has?(@sid)
    say "Bucket policy for #{@bucket} has ForceSSLOnlyAccess policy statement already:"
    say bucket_policy
  else
    # Set encryption rules
    # Ruby docs: https://docs.aws.amazon.com/sdk-for-ruby/v3/api/Aws/S3/Client.html#put_bucket_policy-instance_method
    # API docs: https://docs.aws.amazon.com/AmazonS3/latest/API/API_ServerSideEncryptionByDefault.html
    #
    #    put_bucket_policy returns #<struct Aws::EmptyStructure>
    #
    policy_document = document.policy_document(@sid)
    s3.put_bucket_policy(
      bucket: @bucket,
      policy: policy_document,
    )
    say "Add bucket policy to bucket #{@bucket}:"
  end
end