pcf.particle.aws.iam package

Submodules

pcf.particle.aws.iam.iam_role module

class pcf.particle.aws.iam.iam_role.IAMRole(particle_definition, session=None)

Bases: pcf.core.aws_resource.AWSResource

This is the implementation of Amazon’s IAM Role.

START_PARAMS_FILTER = {'AssumeRolePolicyDocument', 'Description', 'MaxSessionDuration', 'Path', 'PermissionsBoundary', 'RoleName', 'Tags'}
UNIQUE_KEYS = ['aws_resource.RoleName']
_set_unique_keys()

Logic that sets keys from state definition that are used to uniquely identify IAM Roles

_start()

Creates the IAM Role

Returns:response of boto3 create_role
_stop()

IAM Role does not have a stopped state so it calls terminate.

_terminate()

Deletes the IAM Role

Returns:response of boto3 delete_role
_update()

Updates the IAM Role to match desired state definition.

equivalent_states = {<State.running: 1>: 1, <State.stopped: 2>: 0, <State.terminated: 3>: 0}
flavor = 'iam_role'
get_iam_policies()

Check for IAM Policy parents and sets the IAM Policy IDs

Returns:iam_policy_id
get_status()

Determines if the IAM Role exists

Returns:status (dict)
is_state_definition_equivalent()

Compared the desired state and current state definition

Returns:bool
is_state_equivalent(state1, state2)

Determines if states are equivalent. Uses equivalent_states defined in the IAMRole class.

Parameters:
  • state1 (State) –
  • state1
Returns:

bool
state_lookup = {'active': <State.running: 1>, 'inactive': <State.terminated: 3>, 'missing': <State.terminated: 3>}
sync_state()

Calls get status and then sets the current state.

pcf.particle.aws.iam.iam_policy module

class pcf.particle.aws.iam.iam_policy.IAMPolicy(particle_definition, session=None)

Bases: pcf.core.aws_resource.AWSResource

This is the implementation of Amazon’s IAM Policy.

START_PARAMS_FILTER = {'Path', 'PolicyDocument', 'PolicyName'}
UNIQUE_KEYS = ['aws_resource.PolicyName']
_set_unique_keys()

Logic that sets keys from state definition that are used to uniquely identify IAM Policies

_start()

Creates the IAM Policy :returns: response of boto3 create_policy

_stop()

IAM Policy does not have a stopped state so it calls terminate.

_terminate()

Deletes the IAM Policy :returns: response of boto3 delete_policy

_update()

Updates the IAM Policy to match desired state definition.

equivalent_states = {<State.running: 1>: 1, <State.stopped: 2>: 0, <State.terminated: 3>: 0}
flavor = 'iam_policy'
get_status()

Determines if the IAM Policy exists :returns: status (dict)

is_state_equivalent(state1, state2)

Determines if states are equivalent. Uses equivalent_states defined in the IAMPolicy class. :param state1: :type state1: State :param state1: :type state1: State

Returns:bool
state_lookup = {'active': <State.running: 1>, 'inactive': <State.terminated: 3>, 'missing': <State.terminated: 3>}
sync_state()

Calls get status and then sets the current state.

Module contents