Fix merge conflicts. Add basic cloudformation support. Closes #111.

2014-03-27 19:12:53 -04:00 · 2014-03-27 19:12:53 -04:00 · ef876dd27e
commit ef876dd27e
parent 069c48b43a
28 changed files with 2473 additions and 11 deletions
--- a/moto/iam/init.py
+++ b/moto/iam/init.py
@ -0,0 +1,2 @@
+from .models import iam_backend
+mock_iam = iam_backend.decorator
--- a/moto/iam/models.py
+++ b/moto/iam/models.py
@ -0,0 +1,99 @@
+from moto.core import BaseBackend
+
+from .utils import random_resource_id
+
+
+class Role(object):
+
+    def __init__(self, role_id, name, assume_role_policy_document, path, policies):
+        self.id = role_id
+        self.name = name
+        self.assume_role_policy_document = assume_role_policy_document
+        self.path = path
+        self.policies = policies
+
+    @classmethod
+    def create_from_cloudformation_json(cls, resource_name, cloudformation_json):
+        properties = cloudformation_json['Properties']
+
+        return iam_backend.create_role(
+            role_name=resource_name,
+            assume_role_policy_document=properties['AssumeRolePolicyDocument'],
+            path=properties['Path'],
+            policies=properties.get('Policies', []),
+        )
+
+    @property
+    def physical_resource_id(self):
+        return self.id
+
+
+class InstanceProfile(object):
+    def __init__(self, instance_profile_id, name, path, roles):
+        self.id = instance_profile_id
+        self.name = name
+        self.path = path
+        self.roles = roles if roles else []
+
+    @classmethod
+    def create_from_cloudformation_json(cls, resource_name, cloudformation_json):
+        properties = cloudformation_json['Properties']
+
+        role_ids = properties['Roles']
+        return iam_backend.create_instance_profile(
+            name=resource_name,
+            path=properties['Path'],
+            role_ids=role_ids,
+        )
+
+    @property
+    def physical_resource_id(self):
+        return self.name
+
+
+class IAMBackend(BaseBackend):
+
+    def __init__(self):
+        self.instance_profiles = {}
+        self.roles = {}
+        super(IAMBackend, self).__init__()
+
+    def create_role(self, role_name, assume_role_policy_document, path, policies):
+        role_id = random_resource_id()
+        role = Role(role_id, role_name, assume_role_policy_document, path, policies)
+        self.roles[role_id] = role
+        return role
+
+    def get_role_by_id(self, role_id):
+        return self.roles.get(role_id)
+
+    def get_role(self, role_name):
+        for role in self.get_roles():
+            if role.name == role_name:
+                return role
+
+    def get_roles(self):
+        return self.roles.values()
+
+    def create_instance_profile(self, name, path, role_ids):
+        instance_profile_id = random_resource_id()
+
+        roles = [iam_backend.get_role_by_id(role_id) for role_id in role_ids]
+        instance_profile = InstanceProfile(instance_profile_id, name, path, roles)
+        self.instance_profiles[instance_profile_id] = instance_profile
+        return instance_profile
+
+    def get_instance_profile(self, profile_name):
+        for profile in self.get_instance_profiles():
+            if profile.name == profile_name:
+                return profile
+
+    def get_instance_profiles(self):
+        return self.instance_profiles.values()
+
+    def add_role_to_instance_profile(self, profile_name, role_name):
+        profile = self.get_instance_profile(profile_name)
+        role = self.get_role(role_name)
+        profile.roles.append(role)
+
+iam_backend = IAMBackend()
--- a/moto/iam/responses.py
+++ b/moto/iam/responses.py
@ -0,0 +1,184 @@
+from jinja2 import Template
+
+from moto.core.responses import BaseResponse
+from .models import iam_backend
+
+
+class IamResponse(BaseResponse):
+
+    def _get_param(self, param_name):
+        return self.querystring.get(param_name, [None])[0]
+
+    def create_role(self):
+        role_name = self._get_param('RoleName')
+        path = self._get_param('Path')
+        assume_role_policy_document = self._get_param('AssumeRolePolicyDocument')
+
+        role = iam_backend.create_role(role_name, assume_role_policy_document, path, policies=[])
+        template = Template(CREATE_ROLE_TEMPLATE)
+        return template.render(role=role)
+
+    def get_role(self):
+        role_name = self._get_param('RoleName')
+        role = iam_backend.get_role(role_name)
+
+        template = Template(GET_ROLE_TEMPLATE)
+        return template.render(role=role)
+
+    def create_instance_profile(self):
+        profile_name = self._get_param('InstanceProfileName')
+        path = self._get_param('Path')
+
+        profile = iam_backend.create_instance_profile(profile_name, path, role_ids=[])
+        template = Template(CREATE_INSTANCE_PROFILE_TEMPLATE)
+        return template.render(profile=profile)
+
+    def get_instance_profile(self):
+        profile_name = self._get_param('InstanceProfileName')
+        profile = iam_backend.get_instance_profile(profile_name)
+
+        template = Template(GET_INSTANCE_PROFILE_TEMPLATE)
+        return template.render(profile=profile)
+
+    def add_role_to_instance_profile(self):
+        profile_name = self._get_param('InstanceProfileName')
+        role_name = self._get_param('RoleName')
+
+        iam_backend.add_role_to_instance_profile(profile_name, role_name)
+        template = Template(ADD_ROLE_TO_INSTANCE_PROFILE_TEMPLATE)
+        return template.render()
+
+    def list_roles(self):
+        roles = iam_backend.get_roles()
+
+        template = Template(LIST_ROLES_TEMPLATE)
+        return template.render(roles=roles)
+
+    def list_instance_profiles(self):
+        profiles = iam_backend.get_instance_profiles()
+
+        template = Template(LIST_INSTANCE_PROFILES_TEMPLATE)
+        return template.render(instance_profiles=profiles)
+
+CREATE_INSTANCE_PROFILE_TEMPLATE = """<CreateInstanceProfileResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
+  <CreateInstanceProfileResult>
+    <InstanceProfile>
+      <InstanceProfileId>{{ profile.id }}</InstanceProfileId>
+      <Roles/>
+      <InstanceProfileName>{{ profile.name }}</InstanceProfileName>
+      <Path>{{ profile.path }}</Path>
+      <Arn>arn:aws:iam::123456789012:instance-profile/application_abc/component_xyz/Webserver</Arn>
+      <CreateDate>2012-05-09T16:11:10.222Z</CreateDate>
+    </InstanceProfile>
+  </CreateInstanceProfileResult>
+  <ResponseMetadata>
+    <RequestId>974142ee-99f1-11e1-a4c3-27EXAMPLE804</RequestId>
+  </ResponseMetadata>
+</CreateInstanceProfileResponse>"""
+
+GET_INSTANCE_PROFILE_TEMPLATE = """<GetInstanceProfileResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
+  <GetInstanceProfileResult>
+    <InstanceProfile>
+      <InstanceProfileId>{{ profile.id }}</InstanceProfileId>
+      <Roles>
+        {% for role in profile.roles %}
+        <member>
+          <Path>{{ role.path }}</Path>
+          <Arn>arn:aws:iam::123456789012:role/application_abc/component_xyz/S3Access</Arn>
+          <RoleName>{{ role.name }}</RoleName>
+          <AssumeRolePolicyDocument>{{ role.assume_role_policy_document }}</AssumeRolePolicyDocument>
+          <CreateDate>2012-05-09T15:45:35Z</CreateDate>
+          <RoleId>{{ role.id }}</RoleId>
+        </member>
+        {% endfor %}
+      </Roles>
+      <InstanceProfileName>{{ profile.name }}</InstanceProfileName>
+      <Path>{{ profile.path }}</Path>
+      <Arn>arn:aws:iam::123456789012:instance-profile/application_abc/component_xyz/Webserver</Arn>
+      <CreateDate>2012-05-09T16:11:10Z</CreateDate>
+    </InstanceProfile>
+  </GetInstanceProfileResult>
+  <ResponseMetadata>
+    <RequestId>37289fda-99f2-11e1-a4c3-27EXAMPLE804</RequestId>
+  </ResponseMetadata>
+</GetInstanceProfileResponse>"""
+
+CREATE_ROLE_TEMPLATE = """<CreateRoleResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
+  <CreateRoleResult>
+    <Role>
+      <Path>{{ role.path }}</Path>
+      <Arn>arn:aws:iam::123456789012:role/application_abc/component_xyz/S3Access</Arn>
+      <RoleName>{{ role.name }}</RoleName>
+      <AssumeRolePolicyDocument>{{ role.assume_role_policy_document }}</AssumeRolePolicyDocument>
+      <CreateDate>2012-05-08T23:34:01.495Z</CreateDate>
+      <RoleId>{{ role.id }}</RoleId>
+    </Role>
+  </CreateRoleResult>
+  <ResponseMetadata>
+    <RequestId>4a93ceee-9966-11e1-b624-b1aEXAMPLE7c</RequestId>
+  </ResponseMetadata>
+</CreateRoleResponse>"""
+
+GET_ROLE_TEMPLATE = """<GetRoleResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
+  <GetRoleResult>
+    <Role>
+      <Path>{{ role.path }}</Path>
+      <Arn>arn:aws:iam::123456789012:role/application_abc/component_xyz/S3Access</Arn>
+      <RoleName>{{ role.name }}</RoleName>
+      <AssumeRolePolicyDocument>{{ role.assume_role_policy_document }}</AssumeRolePolicyDocument>
+      <CreateDate>2012-05-08T23:34:01Z</CreateDate>
+      <RoleId>{{ role.id }}</RoleId>
+    </Role>
+  </GetRoleResult>
+  <ResponseMetadata>
+    <RequestId>df37e965-9967-11e1-a4c3-270EXAMPLE04</RequestId>
+  </ResponseMetadata>
+</GetRoleResponse>"""
+
+ADD_ROLE_TO_INSTANCE_PROFILE_TEMPLATE = """<AddRoleToInstanceProfileResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
+  <ResponseMetadata>
+    <RequestId>12657608-99f2-11e1-a4c3-27EXAMPLE804</RequestId>
+  </ResponseMetadata>
+</AddRoleToInstanceProfileResponse>"""
+
+LIST_ROLES_TEMPLATE = """<ListRolesResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
+  <ListRolesResult>
+    <IsTruncated>false</IsTruncated>
+    <Roles>
+      {% for role in roles %}
+      <member>
+        <Path>{{ role.path }}</Path>
+        <Arn>arn:aws:iam::123456789012:role/application_abc/component_xyz/S3Access</Arn>
+        <RoleName>{{ role.name }}</RoleName>
+        <AssumeRolePolicyDocument>{{ role.assume_role_policy_document }}</AssumeRolePolicyDocument>
+        <CreateDate>2012-05-09T15:45:35Z</CreateDate>
+        <RoleId>{{ role.id }}</RoleId>
+      </member>
+      {% endfor %}
+    </Roles>
+  </ListRolesResult>
+  <ResponseMetadata>
+    <RequestId>20f7279f-99ee-11e1-a4c3-27EXAMPLE804</RequestId>
+  </ResponseMetadata>
+</ListRolesResponse>"""
+
+LIST_INSTANCE_PROFILES_TEMPLATE = """<ListInstanceProfilesResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
+  <ListInstanceProfilesResult>
+    <IsTruncated>false</IsTruncated>
+    <InstanceProfiles>
+      {% for instance in instance_profiles %}
+      <member>
+        <Id>{{ instance.id }}</Id>
+        <Roles/>
+        <InstanceProfileName>{{ instance.name }}</InstanceProfileName>
+        <Path>{{ instance.path }}</Path>
+        <Arn>arn:aws:iam::123456789012:instance-profile/application_abc/component_xyz/Database</Arn>
+        <CreateDate>2012-05-09T16:27:03Z</CreateDate>
+      </member>
+      {% endfor %}
+    </InstanceProfiles>
+  </ListInstanceProfilesResult>
+  <ResponseMetadata>
+    <RequestId>fd74fa8d-99f3-11e1-a4c3-27EXAMPLE804</RequestId>
+  </ResponseMetadata>
+</ListInstanceProfilesResponse>"""
--- a/moto/iam/urls.py
+++ b/moto/iam/urls.py
@ -0,0 +1,9 @@
+from .responses import IamResponse
+
+url_bases = [
+    "https?://iam.amazonaws.com",
+]
+
+url_paths = {
+    '{0}/$': IamResponse().dispatch,
+}
--- a/moto/iam/utils.py
+++ b/moto/iam/utils.py
@ -0,0 +1,9 @@
+import random
+import string
+
+
+def random_resource_id():
+    size = 20
+    chars = range(10) + list(string.lowercase)
+
+    return ''.join(unicode(random.choice(chars)) for x in range(size))