class Deputy53::Assigner
Assigns control of a zone to an identity
Public Instance Methods
assign(subdomain, identity)
click to toggle source
# File lib/deputy53/assigner.rb, line 35 def assign(subdomain, identity) identity = iam.identity identity true if iam.api.method("put_#{identity.type}_policy").call( :"#{identity.type}_name" => identity.name, policy_name: "manage-dns@#{subdomain}", policy_document: policy(subdomain) ) end
iam()
click to toggle source
# File lib/deputy53/assigner.rb, line 11 def iam @iam ||= IAM.new end
policy(subdomain)
click to toggle source
# File lib/deputy53/assigner.rb, line 21 def policy(subdomain) zone = route53.id(subdomain).sub(%r{^/}, '') document = { 'Version' => '2012-10-17', 'Statement' => [ 'Effect' => 'Allow', 'Action' => ['route53domains:*', 'route53:*'], 'Resource' => "arn:aws:route53:::#{zone}" ] } JSON.dump document end
route53()
click to toggle source
# File lib/deputy53/assigner.rb, line 16 def route53 @route53 ||= Route53.new end