class GeoEngineer::IAM::Statement

A Statement object is a single iam policy statement with a Sid, effect, action, and condition. Used to assist validating IAM policies.

Attributes

action[R]
effect[R]
sid[R]

Public Class Methods

new(raw) click to toggle source
# File lib/geoengineer/resources/iam/statement.rb, line 9
def initialize(raw)
  @action = raw["Action"]
  @effect = raw["Effect"]
  @raw = raw
  @sid = raw["Sid"]
end

Public Instance Methods

ip_restriction_exists?() click to toggle source
# File lib/geoengineer/resources/iam/statement.rb, line 28
def ip_restriction_exists?
  return true unless ip_restrictions.empty?
end
ip_restrictions() click to toggle source
# File lib/geoengineer/resources/iam/statement.rb, line 21
def ip_restrictions
  cidr_blocks = []
  cidr_blocks << @raw.dig('Condition', 'IpAddress', 'aws:SourceIP')
  cidr_blocks << @raw.dig('Condition', 'IpAddressIfExists', 'aws:SourceIP')
  cidr_blocks.flatten.compact
end
secure_transport?() click to toggle source
# File lib/geoengineer/resources/iam/statement.rb, line 16
def secure_transport?
  secure_transport = @raw.dig('Condition', 'Bool', 'aws:SecureTransport')
  secure_transport == "true"
end
vpc_restriction_exists?() click to toggle source
# File lib/geoengineer/resources/iam/statement.rb, line 39
def vpc_restriction_exists?
  return true unless vpc_restrictions.empty?
end
vpc_restrictions() click to toggle source
# File lib/geoengineer/resources/iam/statement.rb, line 32
def vpc_restrictions
  vpcs = []
  vpcs << @raw.dig('Condition', 'StringEqualsifExists', 'aws:sourceVpce')
  vpcs << @raw.dig('Condition', 'ForAnyValue:StringEquals', 'aws:sourceVpce')
  vpcs.flatten.compact
end