From edfbd862b3384795725beb4a01d6b0c8bf60430b Mon Sep 17 00:00:00 2001
From: Clint Byrum
Date: Mon, 6 May 2013 21:50:09 -0700
Subject: [PATCH] Un-do all use of generic-user.yaml and remove it. This was a rather experimental way to try and create some generic templates in Heat. But the AllowedResources can only refer to resources inside the template itself, so this is useless.
---
 generic-user.yaml | 24 ------------------------
 heat.yaml | 40 ++++++++++++++++++++++++++++------------
 2 files changed, 28 insertions(+), 36 deletions(-)
 delete mode 100644 generic-user.yaml
diff --git a/generic-user.yaml b/generic-user.yaml
deleted file mode 100644
index a14f1c6c..00000000
--- a/generic-user.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-HeatTemplateFormatVersion: '2012-12-12'
-Description: 'HEAT Template - Heat Engine and API'
-Parameters:
- AllowedResources:
- Type: CommaDelimitedList
-Resources:
- AccessPolicy:
- Type: OS::Heat::AccessPolicy
- Properties:
- AllowedResources: {Ref: AllowedResources}
- User:
- Type: AWS::IAM::User
- Properties:
- Policies: [ { Ref: AccessPolicy } ]
- Key:
- Type: AWS::IAM::AccessKey
- Properties:
- UserName:
- Ref: User
-Outputs:
- AccessKeyId:
- Ref: Key
- SecretKey:
- Fn::GetAtt: [ Key, SecretAccessKey ]
diff --git a/heat.yaml b/heat.yaml
index 0312a147..4c64983d 100644
--- a/heat.yaml
+++ b/heat.yaml
@@ -34,16 +34,32 @@ Parameters:
 Type: String
 Default: https://raw.github.com/openstack-ops/templates/master/
 Resources:
+ EngineAccessPolicy:
+ Type: OS::Heat::AccessPolicy
+ Properties:
+ AllowedResources: [ HeatEngine ]
 EngineUser:
- Type: AWS::CloudFormation::Stack
- TemplateURL: {Fn::Join: [ {Ref: TemplateURL} , 'generic-user.yaml' ]}
- Parameters:
- AccessList: [ HeatEngine ]
+ Type: AWS::IAM::User
+ Properties:
+ Policies: [ { Ref: EngineAccessPolicy } ]
+ EngineKey:
+ Type: AWS::IAM::AccessKey
+ Properties:
+ UserName:
+ Ref: EngineUser
+ ApiAccessPolicy:
+ Type: OS::Heat::AccessPolicy
+ Properties:
+ AllowedResources: [ HeatAPI, HeatAPILaunch ]
 ApiUser:
- Type: AWS::CloudFormation::Stack
- TemplateURL: {Fn::Join: [ {Ref: TemplateURL} , 'generic-user.yaml' ]}
- Parameters:
- AccessList: [ HeatAPI, HeatAPILaunch ]
+ Type: AWS::IAM::User
+ Properties:
+ Policies: [ { Ref: ApiAccessPolicy } ]
+ ApiKey:
+ Type: AWS::IAM::AccessKey
+ Properties:
+ UserName:
+ Ref: ApiUser
 HeatAPILaunch:
 Type: AWS::AutoScaling::LaunchConfiguration
 Metadata:
@@ -54,9 +70,9 @@ Resources:
 host: {Ref: RabbitMQHost}
 password: {Ref: RabbitMQPassword}
 access_key_id:
- Fn::GetAtt: [ ApiUser, AccessKeyId ]
+ Ref: ApiKey
 secret_key:
- Fn::GetAtt: [ ApiUser, SecretAccessKey ]
+ Fn::GetAtt: [ ApiKey, SecretAccessKey ]
 stack:
 name: {Ref: 'AWS::StackName'}
 region: {Ref: 'AWS::Region'}
@@ -86,9 +102,9 @@ Resources:
 host: {Ref: RabbitMQHost}
 password: {Ref: RabbitMQPassword}
 access_key_id:
- Fn::GetAtt: [ EngineUser, AccessKeyId ]
+ Ref: EngineKey
 secret_key:
- Fn::GetAtt: [ EngineUser, SecretAccessKey ]
+ Fn::GetAtt: [ EngineKey, SecretAccessKey ]
 stack:
 name: {Ref: 'AWS::StackName'}
 region: {Ref: 'AWS::Region'}
-- 2.16.6
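Review bot: The AccessPolicy/User/AccessKey trio is now written out twice (`Engine*` and `Api*`) with nothing in heat.yaml saying why, so a later maintainer is likely to try factoring it into a shared template again. A comment above `EngineAccessPolicy` such as `# Inlined on purpose: AllowedResources can only name resources defined in this template` would record the constraint from the commit message. The removed lines were the only visible uses of `{Ref: TemplateURL}`; the rest of the file is outside this hunk, but if nothing else references that parameter it should be dropped in the same change so the stack no longer exposes an unused remote-template input.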
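Review bot: `secret_key` in this Metadata block still carries the raw `SecretAccessKey` (here from `ApiKey`, and again from `EngineKey` in the third hunk), so anyone able to read that resource's metadata can read the credential. The commit only changes where the key comes from, which leaves `ApiAccessPolicy` and `EngineAccessPolicy` as the only limit on what a leaked key can do. I would add a comment beside each `secret_key`, e.g. `# exposed via resource metadata; user is restricted to AllowedResources in ApiAccessPolicy`, so nobody widens those lists or attaches further policies to these users without noticing. The resource enclosing the third hunk starts outside the hunk, so confirm it is the `HeatEngine` named in `EngineAccessPolicy`; otherwise the engine's own key would presumably not be allowed to read the metadata it is delivered in.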