Metadata-Version: 1.1
Name: botool
Version: 0.1.1
Summary: A botocore helper lib
Home-page: https://github.com/reedobrien/botool
Author: Reed O'Brien
Author-email: reed.foss@reedobrien.com
License: BSD-derived. See LICENSE file
Description: botool
        ======
        
        Hopefully useful botocore scripts for managing aws resources
        
        TODO
        ----
        
        IAM
        ---
        
         - add backup flag to write out settings to file(s)
         - add capacity to remove users, groups, and roles
         - tests
         - allow "users" to have individual policies
        
        
        Example Config
        --------------
        
            service: IAM
        
            groups:
              - group_name: "group1"
                policy_name: "allow-rw-to-s3"
                policy_document: "example-allow-rw-to-s3.json"
              - group_name: "group2"
                policy_name: "allow-rw-to-s3"
                policy_document: "example-allow-rw-to-s3.json"
              - group_name: "group3"
                policy_name: "allow-rw-to-s3"
                policy_document: "example-allow-rw-to-s3.json"
        
            users:
              - user_name: "user1"
                groups: [group2, group1]
              - user_name: "user2"
                groups: [group1]
              - user_name: "user3"
                groups: [group3, group2, group1]
              - user_name: "user4"
                groups: [group2, group3]
        
            roles:
              - role_name: "role1-service"
                policy_name: "allow-rw-to-s3"
                assume_role_policy_document: "allow-assume-role-by-ec2-service.json"
                policy_document: "example-allow-rw-to-s3.json"
              - role_name: "role2-service"
                policy_name: "allow-rw-to-s3"
                assume_role_policy_document: "allow-assume-role-by-ec2-service.json"
                policy_document: "example-allow-rw-to-s3.json"
              - role_name: "role3-service"
                policy_name: "allow-rw-to-s3"
                assume_role_policy_document: "allow-assume-role-by-ec2-service.json"
                policy_document: "example-allow-rw-to-s3.json"
        
        
        Example Policies
        ----------------
        
        allow-assume-role-by-ec2-service.json
        -------------------------------------
        
            {
                "Statement":
                [
                    {
                        "Effect": "Allow",
                        "Action": [
                            "sts:AssumeRole"
                            ],
                        "Principal":
                        {
                            "Service" :
                            [
                                "ec2.amazonaws.com"
                            ]
                        }
                    }
                ]
            }
        
        example-allow-rw-to-s3.json
        ---------------------------
        
            {
                "Version":"2012-10-17",
                "Statement":
                    [
                        {
                            "Effect":"Allow",
                            "Action":
                            [
                            "s3:AbortMultipartUpload",
                            "s3:DeleteObject",
                            "s3:GetObject",
                            "s3:GetObjectAcl",
                            "s3:ListMultipartUploadParts",
                            "s3:PutObject",
                            "s3:PutObjectAcl"
                            ],
                            "Resource":
                                [
                                "arn:aws:s3:::hqmigrat-stage/*"
                                ]
                        },
                        {
                            "Sid":"Stmt1391189122000",
                            "Effect":"Allow",
                            "Action":
                            [
                            "s3:AbortMultipartUpload",
                            "s3:DeleteObject",
                            "s3:GetObject",
                            "s3:GetObjectAcl",
                            "s3:ListMultipartUploadParts",
                            "s3:PutObject",
                            "s3:PutObjectAcl"
                            ],
                            "Resource":
                            [
                            "arn:aws:s3:::hqmigrat-prod/*"
                            ]
                        }
                    ]
            }
        
        
        CHANGES
        =======
        
        Next Release (TBD)
        ------------------
        
         - TBD
        
        0.1 (2014-02-10)
        ----------------
        
        - Initial release
        - IAM basics for creating roles, groups and users. Manages user roles, but everything else is add only right now.
        
        
        
Keywords: AWS botocore
Platform: UNKNOWN
Classifier: Intended Audience :: Developers
Classifier: Programming Language :: Python
