class grant_statement_spec(statement_spec):
args = lambda s, self_type, self_name: {
'grantee': sb.required(resource_spec(self_type, self_name, only="iam")
),
'retiree': resource_spec(self_type, self_name, only="iam"),
'operations': sb.required(sb.listof(sb.string_spec())),
'constraints': sb.any_spec(),
'grant_tokens': sb.any_spec()
}
final_kls = lambda s, *args, **kwargs: GrantStatement(*args, **kwargs)
def normalise(self, meta, val):
iam_spec = iam_specs(val, self.self_type, self.self_name)
result = sb.set_options(
Service = sb.listof(sb.string_spec())
, Federated = sb.listof(sb.string_spec())
, AWS = sb.listof(sb.string_spec())
).normalise(meta, val)
special = sb.set_options(
service = sb.listof(principal_service_spec())
, federated = resource_spec(self.self_type, self.self_name)
, iam = iam_spec
).normalise(meta, val)
for arg, lst in special.items():
capitalized = arg.capitalize()
if arg == 'iam':
capitalized = "AWS"
result[capitalized].extend(lst)
for key, val in list(result.items()):
if not val:
del result[key]
continue
# Amazon gets rid of the lists if only one item
# And this mucks around with the diffing....
if len(val) is 1:
result[key] = val[0]
else:
result[key] = sorted(val)
return result
def normalise(self, meta, val):
iam_spec = iam_specs(val, self.self_type, self.self_name)
result = sb.set_options(Service=sb.listof(sb.string_spec()),
Federated=sb.listof(sb.string_spec()),
AWS=sb.listof(sb.string_spec())).normalise(
meta, val)
special = sb.set_options(service=sb.listof(principal_service_spec()),
federated=resource_spec(
self.self_type, self.self_name),
iam=iam_spec).normalise(meta, val)
for arg, lst in special.items():
capitalized = arg.capitalize()
if arg == 'iam':
capitalized = "AWS"
result[capitalized].extend(lst)
for key, val in list(result.items()):
if not val:
del result[key]
continue
# Amazon gets rid of the lists if only one item
# And this mucks around with the diffing....
if len(val) is 1:
result[key] = val[0]
else:
result[key] = sorted(val)
return result
def normalise(self, meta, val):
if 'use' in val:
template = val['use']
if template not in meta.everything['templates']:
available = list(meta.everything['templates'].keys())
raise BadTemplate("Template doesn't exist!", wanted=template, available=available, meta=meta)
val = MergedOptions.using(meta.everything['templates'][template], val)
formatted_string = sb.formatted(sb.string_or_int_as_string_spec(), MergedOptionStringFormatter, expected_type=six.string_types)
function_name = meta.key_names()['_key_name_0']
val = sb.create_spec(Lambda
, name = sb.overridden(function_name)
, role = sb.required(only_one_spec(resource_spec("lambda", function_name, only=["iam"])))
, code = sb.required(function_code_spec())
, handler = function_handler_spec()
, timeout = sb.integer_spec()
, runtime = sb.required(formatted_string)
, location = sb.required(formatted_string)
, description = formatted_string
, sample_event = sb.defaulted(sb.or_spec(formatted_dictionary(), sb.string_spec()), "")
, desired_output_for_test = sb.defaulted(sb.or_spec(formatted_dictionary(), sb.string_spec()), "")
, memory_size = sb.defaulted(divisible_by_spec(64), 128)
).normalise(meta, val)
# Hack to make sample_event and desired_output_for_test not appear as a MergedOptions
for key in ('sample_event', 'desired_output_for_test'):
if isinstance(val[key], MergedOptions):
v = val[key].as_dict()
class Arbritrary(dictobj):
fields = list(v.keys())
val[key] = Arbritrary(**v)
return val
class resource_policy_statement_spec(statement_spec):
args = lambda s, self_type, self_name: {
'sid': sb.string_spec(),
'effect': sb.string_choice_spec(choices=["Deny", "Allow"]),
'action': sb.listof(sb.string_spec()),
("not", "action"): sb.listof(sb.string_spec()),
'resource': resource_spec(self_type, self_name),
('not', 'resource'): resource_spec(self_type, self_name),
'principal': sb.listof(principal_spec(self_type, self_name)),
('not', 'principal'): sb.listof(principal_spec(self_type, self_name)),
'condition': sb.dictionary_spec(),
('not', 'condition'): sb.dictionary_spec()
}
validators = [
validators.deprecated_key('allow', "Use 'effect: Allow|Deny' instead"),
validators.deprecated_key('disallow',
"Use 'effect: Allow|Deny' instead")
]
final_kls = lambda s, *args, **kwargs: ResourcePolicyStatement(
*args, **kwargs)
def normalise(self, meta, val):
if 'use' in val:
template = val['use']
if template not in meta.everything['templates']:
available = list(meta.everything['templates'].keys())
raise BadTemplate("Template doesn't exist!",
wanted=template,
available=available,
meta=meta)
val = MergedOptions.using(meta.everything['templates'][template],
val)
formatted_string = sb.formatted(sb.string_or_int_as_string_spec(),
MergedOptionStringFormatter,
expected_type=six.string_types)
function_name = meta.key_names()['_key_name_0']
val = sb.create_spec(Lambda,
name=sb.overridden(function_name),
role=sb.required(
only_one_spec(
resource_spec("lambda",
function_name,
only=["iam"]))),
code=sb.required(function_code_spec()),
handler=function_handler_spec(),
timeout=sb.integer_spec(),
runtime=sb.required(formatted_string),
location=sb.required(formatted_string),
description=formatted_string,
sample_event=sb.defaulted(
sb.or_spec(formatted_dictionary(),
sb.string_spec()), ""),
desired_output_for_test=sb.defaulted(
sb.or_spec(formatted_dictionary(),
sb.string_spec()), ""),
memory_size=sb.defaulted(divisible_by_spec(64),
128)).normalise(
meta, val)
# Hack to make sample_event and desired_output_for_test not appear as a MergedOptions
for key in ('sample_event', 'desired_output_for_test'):
if isinstance(val[key], MergedOptions):
v = val[key].as_dict()
class Arbritrary(dictobj):
fields = list(v.keys())
val[key] = Arbritrary(**v)
return val
def normalise(self, meta, val):
if 'use' in val:
template = val['use']
if template not in meta.everything['templates']:
available = list(meta.everything['templates'].keys())
raise BadTemplate("Template doesn't exist!", wanted=template, available=available, meta=meta)
val = MergedOptions.using(meta.everything['templates'][template], val)
formatted_string = sb.formatted(sb.string_or_int_as_string_spec(), MergedOptionStringFormatter, expected_type=six.string_types)
function_name = meta.key_names()['_key_name_0']
return sb.create_spec(Lambda
, name = sb.overridden(function_name)
, role = sb.required(only_one_spec(resource_spec("lambda", function_name, only=["iam"])))
, code = sb.required(function_code_spec())
, handler = function_handler_spec()
, timeout = sb.integer_spec()
, runtime = sb.required(formatted_string)
, location = sb.required(formatted_string)
, description = formatted_string
, sample_event = sb.defaulted(sb.or_spec(sb.dictionary_spec(), sb.string_spec()), "")
, memory_size = sb.defaulted(divisible_by_spec(64), 128)
).normalise(meta, val)