class GeoEngineer::IAM::Statement
A Statement
object is a single iam policy statement with a Sid, effect, action, and condition. Used to assist validating IAM
policies.
Attributes
action[R]
effect[R]
sid[R]
Public Class Methods
new(raw)
click to toggle source
# File lib/geoengineer/resources/iam/statement.rb, line 9 def initialize(raw) @action = raw["Action"] @effect = raw["Effect"] @raw = raw @sid = raw["Sid"] end
Public Instance Methods
ip_restriction_exists?()
click to toggle source
# File lib/geoengineer/resources/iam/statement.rb, line 28 def ip_restriction_exists? return true unless ip_restrictions.empty? end
ip_restrictions()
click to toggle source
# File lib/geoengineer/resources/iam/statement.rb, line 21 def ip_restrictions cidr_blocks = [] cidr_blocks << @raw.dig('Condition', 'IpAddress', 'aws:SourceIP') cidr_blocks << @raw.dig('Condition', 'IpAddressIfExists', 'aws:SourceIP') cidr_blocks.flatten.compact end
secure_transport?()
click to toggle source
# File lib/geoengineer/resources/iam/statement.rb, line 16 def secure_transport? secure_transport = @raw.dig('Condition', 'Bool', 'aws:SecureTransport') secure_transport == "true" end
vpc_restriction_exists?()
click to toggle source
# File lib/geoengineer/resources/iam/statement.rb, line 39 def vpc_restriction_exists? return true unless vpc_restrictions.empty? end
vpc_restrictions()
click to toggle source
# File lib/geoengineer/resources/iam/statement.rb, line 32 def vpc_restrictions vpcs = [] vpcs << @raw.dig('Condition', 'StringEqualsifExists', 'aws:sourceVpce') vpcs << @raw.dig('Condition', 'ForAnyValue:StringEquals', 'aws:sourceVpce') vpcs.flatten.compact end