Skip to content

Commit

Permalink
Merge pull request theonestack#9 from theonestack/hotfix/rspecs
Browse files Browse the repository at this point in the history
fixes polices versions
  • Loading branch information
aaronwalker authored Mar 13, 2024
2 parents 134c610 + 9837627 commit bc5ea5f
Show file tree
Hide file tree
Showing 15 changed files with 16 additions and 16 deletions.
2 changes: 1 addition & 1 deletion spec/alb_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -158,7 +158,7 @@
end

it "to have property Policies" do
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Version"=>"2012-10-17","Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
end

end
Expand Down
2 changes: 1 addition & 1 deletion spec/circuit_breaker_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@
end

it "to have property Policies" do
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Version"=>"2012-10-17","Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
end

end
Expand Down
2 changes: 1 addition & 1 deletion spec/dynamic_priorities_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -158,7 +158,7 @@
end

it "to have property Policies" do
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
end

end
Expand Down
2 changes: 1 addition & 1 deletion spec/ecs_exec_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@
end

it "to have property Policies" do
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"ssm-session-manager", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"ssmsessionmanager", "Action"=>["ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel"], "Resource"=>["*"], "Effect"=>"Allow"}]}}])
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"ssm-session-manager", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"ssmsessionmanager", "Action"=>["ssmmessages:CreateControlChannel", "ssmmessages:CreateDataChannel", "ssmmessages:OpenControlChannel", "ssmmessages:OpenDataChannel"], "Resource"=>["*"], "Effect"=>"Allow"}]}}])
end

end
Expand Down
2 changes: 1 addition & 1 deletion spec/ecs_scaling_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@
end

it "to have property Policies" do
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
end

end
Expand Down
2 changes: 1 addition & 1 deletion spec/existing_target_groups_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@
end

it "to have property Policies" do
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
end

end
Expand Down
2 changes: 1 addition & 1 deletion spec/iam_policy_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,7 @@
end

it "to have property Policies" do
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"create-spot-service-liked-role", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"createspotservicelikedrole", "Action"=>["iam:CreateServiceLinkedRole"], "Resource"=>["*"], "Effect"=>"Allow", "Condition"=>{"StringLike"=>{"iam:AWSServiceName"=>"spot.amazonaws.com"}}}]}}, {"PolicyName"=>"cross-account-sts", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"crossaccountsts", "Action"=>["sts:AssumeRole"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"get-identity", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"getidentity", "Action"=>["sts:GetCallerIdentity"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"iam-pass-role", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"iampassrole", "Action"=>["iam:ListRoles", "iam:PassRole", "iam:ListInstanceProfiles"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"ec2-fleet-plugin", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"ec2fleetplugin", "Action"=>["ec2:*"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"s3-list-ciinabox-bucket", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"s3listciinaboxbucket", "Action"=>["s3:ListBucket", "s3:GetBucketLocation"], "Resource"=>[{"Fn::Sub"=>"arn:aws:s3:::bucket"}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"s3-rw", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"s3rw", "Action"=>["s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectVersion", "s3:PutObject", "s3:PutObjectAcl"], "Resource"=>[{"Fn::Sub"=>"arn:aws:s3:::bucket/*"}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"secretsmanager-list", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"secretsmanagerlist", "Action"=>["secretsmanager:ListSecrets"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"secretsmanager-get", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"secretsmanagerget", "Action"=>["secretsmanager:GetSecretValue"], "Resource"=>[{"Fn::Sub"=>"arn:aws:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:/${EnvironmentName}/jenkins/*"}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"ssm-parameters", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"ssmparameters", "Action"=>["ssm:GetParameter", "ssm:GetParametersByPath"], "Resource"=>[{"Fn::Sub"=>"arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/ciinabox/*"}, {"Fn::Sub"=>"arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/aws/*"}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"sns-publish", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"snspublish", "Action"=>["sns:Publish"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"ecr-manange-repos", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"ecrmanangerepos", "Action"=>["ecr:*"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"codeartifact-manange-repos", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"codeartifactmanangerepos", "Action"=>["codeartifact:*"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"codecommit-pull", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"codecommitpull", "Action"=>["codecommit:BatchGet*", "codecommit:BatchDescribe*", "codecommit:Describe*", "codecommit:EvaluatePullRequestApprovalRules", "codecommit:Get*", "codecommit:List*", "codecommit:GitPull"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"ecs-manage-tasks", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"ecsmanagetasks0", "Action"=>["ecs:RunTask", "ecs:DescribeTasks", "ecs:RegisterTaskDefinition", "ecs:ListClusters", "ecs:DescribeContainerInstances", "ecs:ListTaskDefinitions", "ecs:DescribeTaskDefinition", "ecs:DeregisterTaskDefinition"], "Resource"=>["*"], "Effect"=>"Allow"}, {"Sid"=>"ecsmanagetasks1", "Action"=>["ecs:ListContainerInstances", "ecs:DescribeClusters"], "Resource"=>[{"Fn::Sub"=>"arn:aws:ecs:${AWS::Region}:${AWS::AccountId}:cluster/my-cluster"}], "Effect"=>"Allow"}, {"Sid"=>"ecsmanagetasks2", "Action"=>["ecs:RunTask"], "Resource"=>[{"Fn::Sub"=>"arn:aws:ecs:${AWS::Region}:${AWS::AccountId}:task-definition/*"}], "Effect"=>"Allow", "Condition"=>{"ArnEquals"=>{"ecs:cluster"=>[{"Fn::Sub"=>"arn:aws:ecs:${AWS::Region}:${AWS::AccountId}:cluster/my-cluster"}]}}}, {"Sid"=>"ecsmanagetasks3", "Action"=>["ecs:StopTask"], "Resource"=>["arn:aws:ecs:*:*:task/*"], "Effect"=>"Allow", "Condition"=>{"ArnEquals"=>{"ecs:cluster"=>[{"Fn::Sub"=>"arn:aws:ecs:${AWS::Region}:${AWS::AccountId}:cluster/my-cluster"}]}}}, {"Sid"=>"ecsmanagetasks4", "Action"=>["ecs:DescribeTasks"], "Resource"=>["arn:aws:ecs:*:*:task/*"], "Effect"=>"Allow", "Condition"=>{"ArnEquals"=>{"ecs:cluster"=>[{"Fn::Sub"=>"arn:aws:ecs:${AWS::Region}:${AWS::AccountId}:cluster/my-cluster"}]}}}]}}])
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"create-spot-service-liked-role", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"createspotservicelikedrole", "Action"=>["iam:CreateServiceLinkedRole"], "Resource"=>["*"], "Effect"=>"Allow", "Condition"=>{"StringLike"=>{"iam:AWSServiceName"=>"spot.amazonaws.com"}}}]}}, {"PolicyName"=>"cross-account-sts", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"crossaccountsts", "Action"=>["sts:AssumeRole"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"get-identity", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"getidentity", "Action"=>["sts:GetCallerIdentity"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"iam-pass-role", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"iampassrole", "Action"=>["iam:ListRoles", "iam:PassRole", "iam:ListInstanceProfiles"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"ec2-fleet-plugin", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"ec2fleetplugin", "Action"=>["ec2:*"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"s3-list-ciinabox-bucket", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"s3listciinaboxbucket", "Action"=>["s3:ListBucket", "s3:GetBucketLocation"], "Resource"=>[{"Fn::Sub"=>"arn:aws:s3:::bucket"}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"s3-rw", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"s3rw", "Action"=>["s3:GetObject", "s3:GetObjectAcl", "s3:GetObjectVersion", "s3:PutObject", "s3:PutObjectAcl"], "Resource"=>[{"Fn::Sub"=>"arn:aws:s3:::bucket/*"}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"secretsmanager-list", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"secretsmanagerlist", "Action"=>["secretsmanager:ListSecrets"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"secretsmanager-get", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"secretsmanagerget", "Action"=>["secretsmanager:GetSecretValue"], "Resource"=>[{"Fn::Sub"=>"arn:aws:secretsmanager:${AWS::Region}:${AWS::AccountId}:secret:/${EnvironmentName}/jenkins/*"}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"ssm-parameters", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"ssmparameters", "Action"=>["ssm:GetParameter", "ssm:GetParametersByPath"], "Resource"=>[{"Fn::Sub"=>"arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/ciinabox/*"}, {"Fn::Sub"=>"arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/aws/*"}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"sns-publish", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"snspublish", "Action"=>["sns:Publish"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"ecr-manange-repos", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"ecrmanangerepos", "Action"=>["ecr:*"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"codeartifact-manange-repos", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"codeartifactmanangerepos", "Action"=>["codeartifact:*"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"codecommit-pull", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"codecommitpull", "Action"=>["codecommit:BatchGet*", "codecommit:BatchDescribe*", "codecommit:Describe*", "codecommit:EvaluatePullRequestApprovalRules", "codecommit:Get*", "codecommit:List*", "codecommit:GitPull"], "Resource"=>["*"], "Effect"=>"Allow"}]}}, {"PolicyName"=>"ecs-manage-tasks", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"ecsmanagetasks0", "Action"=>["ecs:RunTask", "ecs:DescribeTasks", "ecs:RegisterTaskDefinition", "ecs:ListClusters", "ecs:DescribeContainerInstances", "ecs:ListTaskDefinitions", "ecs:DescribeTaskDefinition", "ecs:DeregisterTaskDefinition"], "Resource"=>["*"], "Effect"=>"Allow"}, {"Sid"=>"ecsmanagetasks1", "Action"=>["ecs:ListContainerInstances", "ecs:DescribeClusters"], "Resource"=>[{"Fn::Sub"=>"arn:aws:ecs:${AWS::Region}:${AWS::AccountId}:cluster/my-cluster"}], "Effect"=>"Allow"}, {"Sid"=>"ecsmanagetasks2", "Action"=>["ecs:RunTask"], "Resource"=>[{"Fn::Sub"=>"arn:aws:ecs:${AWS::Region}:${AWS::AccountId}:task-definition/*"}], "Effect"=>"Allow", "Condition"=>{"ArnEquals"=>{"ecs:cluster"=>[{"Fn::Sub"=>"arn:aws:ecs:${AWS::Region}:${AWS::AccountId}:cluster/my-cluster"}]}}}, {"Sid"=>"ecsmanagetasks3", "Action"=>["ecs:StopTask"], "Resource"=>["arn:aws:ecs:*:*:task/*"], "Effect"=>"Allow", "Condition"=>{"ArnEquals"=>{"ecs:cluster"=>[{"Fn::Sub"=>"arn:aws:ecs:${AWS::Region}:${AWS::AccountId}:cluster/my-cluster"}]}}}, {"Sid"=>"ecsmanagetasks4", "Action"=>["ecs:DescribeTasks"], "Resource"=>["arn:aws:ecs:*:*:task/*"], "Effect"=>"Allow", "Condition"=>{"ArnEquals"=>{"ecs:cluster"=>[{"Fn::Sub"=>"arn:aws:ecs:${AWS::Region}:${AWS::AccountId}:cluster/my-cluster"}]}}}]}}])
end

end
Expand Down
2 changes: 1 addition & 1 deletion spec/multiple_target_groups_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -212,7 +212,7 @@
end

it "to have property Policies" do
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
end

end
Expand Down
4 changes: 2 additions & 2 deletions spec/secrets_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -100,7 +100,7 @@
end

it "to have property Policies" do
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
end

end
Expand All @@ -125,7 +125,7 @@
end

it "to have property Policies" do
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"ssm-secrets", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"ssmsecrets", "Action"=>"ssm:GetParameters", "Resource"=>[{"Fn::Sub"=>"arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/${EnvironmentName}/app/MY_SECRET"}, "arn:aws:ssm:eu-central-1:012345678990:parameter/app/YOUR_SECRET"], "Effect"=>"Allow"}]}}])
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"ssm-secrets", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"ssmsecrets", "Action"=>"ssm:GetParameters", "Resource"=>[{"Fn::Sub"=>"arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/${EnvironmentName}/app/MY_SECRET"}, "arn:aws:ssm:eu-central-1:012345678990:parameter/app/YOUR_SECRET"], "Effect"=>"Allow"}]}}])
end

end
Expand Down
2 changes: 1 addition & 1 deletion spec/security_groups_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -232,7 +232,7 @@
end

it "to have property Policies" do
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}])
end

end
Expand Down
2 changes: 1 addition & 1 deletion spec/service_discovery_complete_spec.rb
Original file line number Diff line number Diff line change
Expand Up @@ -129,7 +129,7 @@
end

it "to have property Policies" do
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"ecs-service-discovery", "PolicyDocument"=>{"Statement"=>[{"Sid"=>"ecsservicediscovery", "Action"=>["servicediscovery:RegisterInstance", "servicediscovery:DeregisterInstance", "servicediscovery:DiscoverInstances", "servicediscovery:Get*", "servicediscovery:List*", "route53:GetHostedZone", "route53:ListHostedZonesByName", "route53:ChangeResourceRecordSets", "route53:CreateHealthCheck", "route53:GetHealthCheck", "route53:DeleteHealthCheck", "route53:UpdateHealthCheck"], "Resource"=>["*"], "Effect"=>"Allow"}]}}])
expect(resource["Properties"]["Policies"]).to eq([{"PolicyName"=>"fargate_default_policy", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"fargatedefaultpolicy", "Action"=>["logs:GetLogEvents"], "Resource"=>[{"Fn::GetAtt"=>["LogGroup", "Arn"]}], "Effect"=>"Allow"}]}}, {"PolicyName"=>"ecs-service-discovery", "PolicyDocument"=>{"Version"=>"2012-10-17", "Statement"=>[{"Sid"=>"ecsservicediscovery", "Action"=>["servicediscovery:RegisterInstance", "servicediscovery:DeregisterInstance", "servicediscovery:DiscoverInstances", "servicediscovery:Get*", "servicediscovery:List*", "route53:GetHostedZone", "route53:ListHostedZonesByName", "route53:ChangeResourceRecordSets", "route53:CreateHealthCheck", "route53:GetHealthCheck", "route53:DeleteHealthCheck", "route53:UpdateHealthCheck"], "Resource"=>["*"], "Effect"=>"Allow"}]}}])
end

end
Expand Down
Loading

0 comments on commit bc5ea5f

Please sign in to comment.