Permalink
Browse files

fixes #2229 add an IAM role field to a compute image.

This allows use of IAM to control access to AWS services within an instance.
  • Loading branch information...
1 parent d522601 commit 59e6620c1de731b0298a02fc41b4d15c9b98546f David Swift committed with ohadlevy Feb 12, 2013
@@ -3,7 +3,7 @@ def self.included(base)
base.send :include, InstanceMethods
base.class_eval do
attr_accessor :compute_attributes, :vm, :provision_method
- after_validation :queue_compute
+ after_validation :validate_compute_provisioning, :queue_compute
before_destroy :queue_compute_destroy
end
end
@@ -141,5 +141,17 @@ def compute_update_required?
compute_resource.update_required?(old.compute_attributes, compute_attributes.symbolize_keys)
end
+ def validate_compute_provisioning
+ return true if compute_attributes.nil?
+ image_uuid = compute_attributes[:image_id] || compute_attributes[:image_ref]
+ return true if image_uuid.blank?
+ img = Image.where(:uuid => image_uuid, :compute_resource_id => compute_resource_id).first
+ if img
+ self.image = img
+ else
+ failure("Selected image does not belong to #{compute_resource}") and return false
+ end
+ end
+
end
end
@@ -110,12 +110,6 @@ def validate_ssh_provisioning
end
status = false if template.nil?
failure "No finish templates were found for this host, make sure you define at least one in your #{os} settings" unless status
- image_uuid = compute_attributes[:image_id] || compute_attributes[:image_ref]
- unless (self.image = Image.find_by_uuid(image_uuid))
- status &= failure("Must define an Image to use")
- end
-
- status
end
end
@@ -11,6 +11,11 @@
<% else %>
<%= text_f f, :uuid, :label => "Image ID", :help_inline => "Image ID as provided by the compute resource, e.g. ami-.." %>
<% end%>
+ <% if @compute_resource.provider == 'EC2' %>
+ <%# TODO - Get IAM roles from AWS and display in select drop %>
+ <%= text_f f, :iam_role, :label => "IAM Role", :help_inline => "(optional) IAM Role for Fog to use when creating this image." %>
+ <% end %>
+
<%= submit_or_cancel f, false, :cancel_path => @compute_resource %>
<% end %>
@@ -0,0 +1,9 @@
+class AddIamRoleToImages < ActiveRecord::Migration
+ def self.up
+ add_column :images, :iam_role, :string
+ end
+
+ def self.down
+ remove_column :images, :iam_role
+ end
+end
View
@@ -33,6 +33,11 @@ def create_vm args = { }
if (name = args[:name])
args.merge!(:tags => {:Name => name})
end
+ if (image_id = args[:image_id])
+ image = images.find_by_uuid(image_id)
+ iam_hash = image.iam_role.present? ? {:iam_instance_profile_name => image.iam_role} : {}
+ args.merge!(iam_hash)
+ end
super(args)
end

0 comments on commit 59e6620

Please sign in to comment.