Skip to content

Instantly share code, notes, and snippets.

@mechamogera
Last active Aug 29, 2015
Embed
What would you like to do?
AssumeRoleテスト用のS3アップロードスクリプト
# A sample Gemfile
source "https://rubygems.org"
gem 'aws-sdk', '< 2.0'
require 'aws-sdk'
require 'optparse'
options = {}
OptionParser.new do |opt|
opt.on('-r', '--region=VALUE', 'リージョン') { |v| options[:region] = v }
opt.on('-b', '--backet=VALUE', 's3バケット名') { |v| options[:backet] = v }
opt.on('-a', '--role-arn=VALUE', 'IAMロールのARN') { |v| options[:role_arn] = v }
opt.on('-k', '--s3-object-key=VALUE', 'アップロードするオブジェクトのキー') { |v| options[:s3_object_key] = v }
opt.parse!(ARGV)
end
AWS.config(region: options[:region])
bucket_name = options[:backet]
object_name = options[:s3_object_key]
upload_policy = AWS::STS::Policy.new do |policy|
policy.allow( actions: ['s3:PutObject', 's3:PutObjectAcl'], resources: "arn:aws:s3:::#{bucket_name}/#{object_name}")
end
upload_session = AWS::STS.new.assume_role(role_arn: options[:role_arn],
role_session_name: "test",
policy: upload_policy.to_json)
#AWS::STS.new.new_federated_session("user_name", policy: upload_policy)
s3 = AWS::S3.new(upload_session[:credentials])
bucket = s3.buckets[bucket_name]
object = bucket.objects[object_name].write(file: __FILE__, acl: :public_read)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment