@cloud-copilot/iam-collect 0.1.131 → 0.1.133
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +16 -8
- package/dist/cjs/aws/ClientPool.d.ts +21 -3
- package/dist/cjs/aws/ClientPool.d.ts.map +1 -1
- package/dist/cjs/aws/ClientPool.js +22 -0
- package/dist/cjs/aws/ClientPool.js.map +1 -1
- package/dist/cjs/awsConfigClients/AwsConfigClientContext.d.ts +15 -0
- package/dist/cjs/awsConfigClients/AwsConfigClientContext.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/AwsConfigClientContext.js +6 -0
- package/dist/cjs/awsConfigClients/AwsConfigClientContext.js.map +1 -0
- package/dist/cjs/awsConfigClients/AwsConfigClientPool.d.ts +40 -0
- package/dist/cjs/awsConfigClients/AwsConfigClientPool.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/AwsConfigClientPool.js +132 -0
- package/dist/cjs/awsConfigClients/AwsConfigClientPool.js.map +1 -0
- package/dist/cjs/awsConfigClients/awsConfigUtils.d.ts +30 -0
- package/dist/cjs/awsConfigClients/awsConfigUtils.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/awsConfigUtils.js +64 -0
- package/dist/cjs/awsConfigClients/awsConfigUtils.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigAccountClient.d.ts +18 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigAccountClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigAccountClient.js +60 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigAccountClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigApiGatewayClient.d.ts +21 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigApiGatewayClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigApiGatewayClient.js +37 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigApiGatewayClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigBackupClient.d.ts +18 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigBackupClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigBackupClient.js +98 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigBackupClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigDynamoDBClient.d.ts +21 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigDynamoDBClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigDynamoDBClient.js +60 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigDynamoDBClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEC2Client.d.ts +18 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEC2Client.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEC2Client.js +61 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEC2Client.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEcrClient.d.ts +18 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEcrClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEcrClient.js +122 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEcrClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEfsClient.d.ts +18 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEfsClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEfsClient.js +89 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEfsClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEventBridgeClient.d.ts +19 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEventBridgeClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEventBridgeClient.js +107 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigEventBridgeClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigGlueClient.d.ts +21 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigGlueClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigGlueClient.js +44 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigGlueClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigIamClient.d.ts +18 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigIamClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigIamClient.js +439 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigIamClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigKafkaClient.d.ts +18 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigKafkaClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigKafkaClient.js +145 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigKafkaClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigKinesisClient.d.ts +22 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigKinesisClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigKinesisClient.js +87 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigKinesisClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigKmsClient.d.ts +18 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigKmsClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigKmsClient.js +105 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigKmsClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigLambdaClient.d.ts +22 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigLambdaClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigLambdaClient.js +158 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigLambdaClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigOpenSearchClient.d.ts +18 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigOpenSearchClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigOpenSearchClient.js +125 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigOpenSearchClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigOrganizationsClient.d.ts +22 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigOrganizationsClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigOrganizationsClient.js +174 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigOrganizationsClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigS3Client.d.ts +15 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigS3Client.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigS3Client.js +239 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigS3Client.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigS3ControlClient.d.ts +25 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigS3ControlClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigS3ControlClient.js +293 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigS3ControlClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigSNSClient.d.ts +18 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigSNSClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigSNSClient.js +114 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigSNSClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigSQSClient.d.ts +18 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigSQSClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigSQSClient.js +105 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigSQSClient.js.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigSecretsManagerClient.d.ts +21 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigSecretsManagerClient.d.ts.map +1 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigSecretsManagerClient.js +50 -0
- package/dist/cjs/awsConfigClients/clients/AwsConfigSecretsManagerClient.js.map +1 -0
- package/dist/cjs/config/config.d.ts +18 -0
- package/dist/cjs/config/config.d.ts.map +1 -1
- package/dist/cjs/config/config.js +16 -0
- package/dist/cjs/config/config.js.map +1 -1
- package/dist/cjs/config/dataSource.d.ts +11 -0
- package/dist/cjs/config/dataSource.d.ts.map +1 -0
- package/dist/cjs/config/dataSource.js +27 -0
- package/dist/cjs/config/dataSource.js.map +1 -0
- package/dist/cjs/customClients/AbstractClient.d.ts +45 -0
- package/dist/cjs/customClients/AbstractClient.d.ts.map +1 -0
- package/dist/cjs/customClients/AbstractClient.js +75 -0
- package/dist/cjs/customClients/AbstractClient.js.map +1 -0
- package/dist/cjs/customClients/AbstractClientPool.d.ts +53 -0
- package/dist/cjs/customClients/AbstractClientPool.d.ts.map +1 -0
- package/dist/cjs/customClients/AbstractClientPool.js +66 -0
- package/dist/cjs/customClients/AbstractClientPool.js.map +1 -0
- package/dist/cjs/customClients/AbstractCommand.d.ts +56 -0
- package/dist/cjs/customClients/AbstractCommand.d.ts.map +1 -0
- package/dist/cjs/customClients/AbstractCommand.js +19 -0
- package/dist/cjs/customClients/AbstractCommand.js.map +1 -0
- package/dist/cjs/customClients/ResourceNotFoundException.d.ts +23 -0
- package/dist/cjs/customClients/ResourceNotFoundException.d.ts.map +1 -0
- package/dist/cjs/customClients/ResourceNotFoundException.js +37 -0
- package/dist/cjs/customClients/ResourceNotFoundException.js.map +1 -0
- package/dist/cjs/download/download.d.ts.map +1 -1
- package/dist/cjs/download/download.js +65 -28
- package/dist/cjs/download/download.js.map +1 -1
- package/dist/cjs/regions.d.ts +2 -1
- package/dist/cjs/regions.d.ts.map +1 -1
- package/dist/cjs/regions.js +2 -2
- package/dist/cjs/regions.js.map +1 -1
- package/dist/cjs/syncs/dynamodb/dynamoDbStreams.d.ts.map +1 -1
- package/dist/cjs/syncs/dynamodb/dynamoDbStreams.js +2 -3
- package/dist/cjs/syncs/dynamodb/dynamoDbStreams.js.map +1 -1
- package/dist/cjs/syncs/ecr/ecrSyncs.d.ts.map +1 -1
- package/dist/cjs/syncs/ecr/ecrSyncs.js +1 -2
- package/dist/cjs/syncs/ecr/ecrSyncs.js.map +1 -1
- package/dist/cjs/syncs/glue/catalogs.d.ts.map +1 -1
- package/dist/cjs/syncs/glue/catalogs.js +1 -2
- package/dist/cjs/syncs/glue/catalogs.js.map +1 -1
- package/dist/cjs/syncs/iam/authorizationDetails.d.ts.map +1 -1
- package/dist/cjs/syncs/iam/authorizationDetails.js +1 -2
- package/dist/cjs/syncs/iam/authorizationDetails.js.map +1 -1
- package/dist/cjs/syncs/lambda/lambda.d.ts.map +1 -1
- package/dist/cjs/syncs/lambda/lambda.js +1 -2
- package/dist/cjs/syncs/lambda/lambda.js.map +1 -1
- package/dist/cjs/syncs/organizations/organizations.d.ts.map +1 -1
- package/dist/cjs/syncs/organizations/organizations.js +1 -2
- package/dist/cjs/syncs/organizations/organizations.js.map +1 -1
- package/dist/cjs/syncs/ram/ramShares.d.ts.map +1 -1
- package/dist/cjs/syncs/ram/ramShares.js +1 -2
- package/dist/cjs/syncs/ram/ramShares.js.map +1 -1
- package/dist/cjs/syncs/s3/accountBpa.d.ts.map +1 -1
- package/dist/cjs/syncs/s3/accountBpa.js +2 -3
- package/dist/cjs/syncs/s3/accountBpa.js.map +1 -1
- package/dist/cjs/syncs/s3/buckets.js +3 -6
- package/dist/cjs/syncs/s3/buckets.js.map +1 -1
- package/dist/cjs/syncs/s3outposts/s3OutpostsSyncs.d.ts.map +1 -1
- package/dist/cjs/syncs/s3outposts/s3OutpostsSyncs.js +2 -3
- package/dist/cjs/syncs/s3outposts/s3OutpostsSyncs.js.map +1 -1
- package/dist/cjs/syncs/sso/ssoInstances.d.ts.map +1 -1
- package/dist/cjs/syncs/sso/ssoInstances.js +1 -2
- package/dist/cjs/syncs/sso/ssoInstances.js.map +1 -1
- package/dist/cjs/syncs/sync.d.ts +2 -0
- package/dist/cjs/syncs/sync.d.ts.map +1 -1
- package/dist/cjs/syncs/sync.js.map +1 -1
- package/dist/cjs/syncs/typedSync.d.ts +3 -2
- package/dist/cjs/syncs/typedSync.d.ts.map +1 -1
- package/dist/cjs/syncs/typedSync.js +4 -4
- package/dist/cjs/syncs/typedSync.js.map +1 -1
- package/dist/cjs/utils/json.d.ts +7 -0
- package/dist/cjs/utils/json.d.ts.map +1 -1
- package/dist/cjs/utils/json.js +17 -1
- package/dist/cjs/utils/json.js.map +1 -1
- package/dist/esm/aws/ClientPool.d.ts +21 -3
- package/dist/esm/aws/ClientPool.d.ts.map +1 -1
- package/dist/esm/aws/ClientPool.js +22 -0
- package/dist/esm/aws/ClientPool.js.map +1 -1
- package/dist/esm/awsConfigClients/AwsConfigClientContext.d.ts +15 -0
- package/dist/esm/awsConfigClients/AwsConfigClientContext.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/AwsConfigClientContext.js +3 -0
- package/dist/esm/awsConfigClients/AwsConfigClientContext.js.map +1 -0
- package/dist/esm/awsConfigClients/AwsConfigClientPool.d.ts +40 -0
- package/dist/esm/awsConfigClients/AwsConfigClientPool.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/AwsConfigClientPool.js +124 -0
- package/dist/esm/awsConfigClients/AwsConfigClientPool.js.map +1 -0
- package/dist/esm/awsConfigClients/awsConfigUtils.d.ts +30 -0
- package/dist/esm/awsConfigClients/awsConfigUtils.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/awsConfigUtils.js +59 -0
- package/dist/esm/awsConfigClients/awsConfigUtils.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigAccountClient.d.ts +18 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigAccountClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigAccountClient.js +56 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigAccountClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigApiGatewayClient.d.ts +21 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigApiGatewayClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigApiGatewayClient.js +33 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigApiGatewayClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigBackupClient.d.ts +18 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigBackupClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigBackupClient.js +94 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigBackupClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigDynamoDBClient.d.ts +21 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigDynamoDBClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigDynamoDBClient.js +56 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigDynamoDBClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEC2Client.d.ts +18 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEC2Client.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEC2Client.js +57 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEC2Client.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEcrClient.d.ts +18 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEcrClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEcrClient.js +118 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEcrClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEfsClient.d.ts +18 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEfsClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEfsClient.js +85 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEfsClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEventBridgeClient.d.ts +19 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEventBridgeClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEventBridgeClient.js +103 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigEventBridgeClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigGlueClient.d.ts +21 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigGlueClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigGlueClient.js +40 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigGlueClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigIamClient.d.ts +18 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigIamClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigIamClient.js +435 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigIamClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigKafkaClient.d.ts +18 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigKafkaClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigKafkaClient.js +141 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigKafkaClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigKinesisClient.d.ts +22 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigKinesisClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigKinesisClient.js +83 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigKinesisClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigKmsClient.d.ts +18 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigKmsClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigKmsClient.js +101 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigKmsClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigLambdaClient.d.ts +22 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigLambdaClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigLambdaClient.js +154 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigLambdaClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigOpenSearchClient.d.ts +18 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigOpenSearchClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigOpenSearchClient.js +121 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigOpenSearchClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigOrganizationsClient.d.ts +22 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigOrganizationsClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigOrganizationsClient.js +170 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigOrganizationsClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigS3Client.d.ts +15 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigS3Client.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigS3Client.js +235 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigS3Client.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigS3ControlClient.d.ts +25 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigS3ControlClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigS3ControlClient.js +289 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigS3ControlClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigSNSClient.d.ts +18 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigSNSClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigSNSClient.js +110 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigSNSClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigSQSClient.d.ts +18 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigSQSClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigSQSClient.js +101 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigSQSClient.js.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigSecretsManagerClient.d.ts +21 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigSecretsManagerClient.d.ts.map +1 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigSecretsManagerClient.js +46 -0
- package/dist/esm/awsConfigClients/clients/AwsConfigSecretsManagerClient.js.map +1 -0
- package/dist/esm/config/config.d.ts +18 -0
- package/dist/esm/config/config.d.ts.map +1 -1
- package/dist/esm/config/config.js +15 -0
- package/dist/esm/config/config.js.map +1 -1
- package/dist/esm/config/dataSource.d.ts +11 -0
- package/dist/esm/config/dataSource.d.ts.map +1 -0
- package/dist/esm/config/dataSource.js +24 -0
- package/dist/esm/config/dataSource.js.map +1 -0
- package/dist/esm/customClients/AbstractClient.d.ts +45 -0
- package/dist/esm/customClients/AbstractClient.d.ts.map +1 -0
- package/dist/esm/customClients/AbstractClient.js +68 -0
- package/dist/esm/customClients/AbstractClient.js.map +1 -0
- package/dist/esm/customClients/AbstractClientPool.d.ts +53 -0
- package/dist/esm/customClients/AbstractClientPool.d.ts.map +1 -0
- package/dist/esm/customClients/AbstractClientPool.js +62 -0
- package/dist/esm/customClients/AbstractClientPool.js.map +1 -0
- package/dist/esm/customClients/AbstractCommand.d.ts +56 -0
- package/dist/esm/customClients/AbstractCommand.d.ts.map +1 -0
- package/dist/esm/customClients/AbstractCommand.js +16 -0
- package/dist/esm/customClients/AbstractCommand.js.map +1 -0
- package/dist/esm/customClients/ResourceNotFoundException.d.ts +23 -0
- package/dist/esm/customClients/ResourceNotFoundException.d.ts.map +1 -0
- package/dist/esm/customClients/ResourceNotFoundException.js +32 -0
- package/dist/esm/customClients/ResourceNotFoundException.js.map +1 -0
- package/dist/esm/download/download.d.ts.map +1 -1
- package/dist/esm/download/download.js +66 -29
- package/dist/esm/download/download.js.map +1 -1
- package/dist/esm/regions.d.ts +2 -1
- package/dist/esm/regions.d.ts.map +1 -1
- package/dist/esm/regions.js +2 -2
- package/dist/esm/regions.js.map +1 -1
- package/dist/esm/syncs/dynamodb/dynamoDbStreams.d.ts.map +1 -1
- package/dist/esm/syncs/dynamodb/dynamoDbStreams.js +2 -3
- package/dist/esm/syncs/dynamodb/dynamoDbStreams.js.map +1 -1
- package/dist/esm/syncs/ecr/ecrSyncs.d.ts.map +1 -1
- package/dist/esm/syncs/ecr/ecrSyncs.js +1 -2
- package/dist/esm/syncs/ecr/ecrSyncs.js.map +1 -1
- package/dist/esm/syncs/glue/catalogs.d.ts.map +1 -1
- package/dist/esm/syncs/glue/catalogs.js +1 -2
- package/dist/esm/syncs/glue/catalogs.js.map +1 -1
- package/dist/esm/syncs/iam/authorizationDetails.d.ts.map +1 -1
- package/dist/esm/syncs/iam/authorizationDetails.js +1 -2
- package/dist/esm/syncs/iam/authorizationDetails.js.map +1 -1
- package/dist/esm/syncs/lambda/lambda.d.ts.map +1 -1
- package/dist/esm/syncs/lambda/lambda.js +1 -2
- package/dist/esm/syncs/lambda/lambda.js.map +1 -1
- package/dist/esm/syncs/organizations/organizations.d.ts.map +1 -1
- package/dist/esm/syncs/organizations/organizations.js +1 -2
- package/dist/esm/syncs/organizations/organizations.js.map +1 -1
- package/dist/esm/syncs/ram/ramShares.d.ts.map +1 -1
- package/dist/esm/syncs/ram/ramShares.js +1 -2
- package/dist/esm/syncs/ram/ramShares.js.map +1 -1
- package/dist/esm/syncs/s3/accountBpa.d.ts.map +1 -1
- package/dist/esm/syncs/s3/accountBpa.js +2 -3
- package/dist/esm/syncs/s3/accountBpa.js.map +1 -1
- package/dist/esm/syncs/s3/buckets.js +3 -6
- package/dist/esm/syncs/s3/buckets.js.map +1 -1
- package/dist/esm/syncs/s3outposts/s3OutpostsSyncs.d.ts.map +1 -1
- package/dist/esm/syncs/s3outposts/s3OutpostsSyncs.js +2 -3
- package/dist/esm/syncs/s3outposts/s3OutpostsSyncs.js.map +1 -1
- package/dist/esm/syncs/sso/ssoInstances.d.ts.map +1 -1
- package/dist/esm/syncs/sso/ssoInstances.js +1 -2
- package/dist/esm/syncs/sso/ssoInstances.js.map +1 -1
- package/dist/esm/syncs/sync.d.ts +2 -0
- package/dist/esm/syncs/sync.d.ts.map +1 -1
- package/dist/esm/syncs/sync.js.map +1 -1
- package/dist/esm/syncs/typedSync.d.ts +3 -2
- package/dist/esm/syncs/typedSync.d.ts.map +1 -1
- package/dist/esm/syncs/typedSync.js +4 -4
- package/dist/esm/syncs/typedSync.js.map +1 -1
- package/dist/esm/utils/json.d.ts +7 -0
- package/dist/esm/utils/json.d.ts.map +1 -1
- package/dist/esm/utils/json.js +16 -1
- package/dist/esm/utils/json.js.map +1 -1
- package/package.json +2 -1
|
@@ -0,0 +1,107 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AwsConfigEventBridgeClient = void 0;
|
|
4
|
+
const client_eventbridge_1 = require("@aws-sdk/client-eventbridge");
|
|
5
|
+
const AbstractClient_js_1 = require("../../customClients/AbstractClient.js");
|
|
6
|
+
const AwsConfigClientContext_js_1 = require("../AwsConfigClientContext.js");
|
|
7
|
+
const awsConfigUtils_js_1 = require("../awsConfigUtils.js");
|
|
8
|
+
/**
|
|
9
|
+
* AWS Config-based EventBridge client implementation
|
|
10
|
+
*
|
|
11
|
+
*/
|
|
12
|
+
class AwsConfigEventBridgeClient extends AbstractClient_js_1.AbstractClient {
|
|
13
|
+
static clientName = client_eventbridge_1.EventBridgeClient.name;
|
|
14
|
+
constructor(options, customContext) {
|
|
15
|
+
super(options, customContext);
|
|
16
|
+
}
|
|
17
|
+
/**
|
|
18
|
+
* Register all EventBridge command implementations
|
|
19
|
+
*/
|
|
20
|
+
registerCommands() {
|
|
21
|
+
this.registerCommand(AwsConfigDescribeEventBusCommand);
|
|
22
|
+
this.registerCommand(AwsConfigListEventBusesCommand);
|
|
23
|
+
this.registerCommand(AwsConfigListTagsForResourceCommand);
|
|
24
|
+
}
|
|
25
|
+
}
|
|
26
|
+
exports.AwsConfigEventBridgeClient = AwsConfigEventBridgeClient;
|
|
27
|
+
/**
|
|
28
|
+
* Config-based implementation of EventBridge DescribeEventBusCommand
|
|
29
|
+
*
|
|
30
|
+
* Maps Events::EventBus Config data to EventBridge DescribeEventBusCommand output format.
|
|
31
|
+
* Returns event bus policy from configuration.Policy field for IAM analysis.
|
|
32
|
+
*/
|
|
33
|
+
const AwsConfigDescribeEventBusCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({
|
|
34
|
+
command: client_eventbridge_1.DescribeEventBusCommand,
|
|
35
|
+
execute: async (input, context) => {
|
|
36
|
+
const eventBusName = input.Name || 'default';
|
|
37
|
+
const configuration = context.getCache(eventBusName, 'configuration');
|
|
38
|
+
return {
|
|
39
|
+
Name: configuration.Name || eventBusName,
|
|
40
|
+
Arn: configuration.Arn,
|
|
41
|
+
Policy: configuration.Policy,
|
|
42
|
+
// Note: KmsKeyIdentifier is not available in Config schema
|
|
43
|
+
KmsKeyIdentifier: undefined
|
|
44
|
+
};
|
|
45
|
+
}
|
|
46
|
+
});
|
|
47
|
+
/**
|
|
48
|
+
* Config-based implementation of EventBridge ListEventBusesCommand
|
|
49
|
+
*
|
|
50
|
+
* Maps Events::EventBus Config data to EventBridge ListEventBusesCommand output format.
|
|
51
|
+
* Returns event bus listing for IAM analysis and resource discovery.
|
|
52
|
+
*/
|
|
53
|
+
const AwsConfigListEventBusesCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({
|
|
54
|
+
command: client_eventbridge_1.ListEventBusesCommand,
|
|
55
|
+
execute: async (input, context) => {
|
|
56
|
+
const query = `
|
|
57
|
+
SELECT
|
|
58
|
+
arn,
|
|
59
|
+
resourceId,
|
|
60
|
+
resourceName,
|
|
61
|
+
configuration.Name,
|
|
62
|
+
configuration.Arn,
|
|
63
|
+
configuration.EventSourceName,
|
|
64
|
+
configuration.Policy,
|
|
65
|
+
tags
|
|
66
|
+
WHERE
|
|
67
|
+
resourceType = 'AWS::Events::EventBus'
|
|
68
|
+
AND awsRegion = '${context.region}'
|
|
69
|
+
AND accountId = '${context.accountId}'
|
|
70
|
+
AND ${awsConfigUtils_js_1.resourceStatusWhereClause}
|
|
71
|
+
`;
|
|
72
|
+
const results = await (0, awsConfigUtils_js_1.executeConfigQuery)(query, context);
|
|
73
|
+
const eventBuses = results.map((result) => {
|
|
74
|
+
const { configItem, configuration, tags } = (0, awsConfigUtils_js_1.parseConfigItem)(result);
|
|
75
|
+
// Cache data that will be needed by other commands
|
|
76
|
+
const eventBusName = configuration.Name || configItem.resourceName;
|
|
77
|
+
context.putCache(eventBusName, 'configuration', configuration);
|
|
78
|
+
context.putCache(configItem.arn, 'tags', tags);
|
|
79
|
+
return {
|
|
80
|
+
Name: configuration.Name,
|
|
81
|
+
Arn: configuration.Arn,
|
|
82
|
+
EventSourceName: configuration.EventSourceName
|
|
83
|
+
};
|
|
84
|
+
});
|
|
85
|
+
return {
|
|
86
|
+
EventBuses: eventBuses
|
|
87
|
+
};
|
|
88
|
+
}
|
|
89
|
+
});
|
|
90
|
+
/**
|
|
91
|
+
* Config-based implementation of EventBridge ListTagsForResourceCommand
|
|
92
|
+
*
|
|
93
|
+
* Maps Events::EventBus Config tag data to EventBridge ListTagsForResourceCommand output format.
|
|
94
|
+
* Returns event bus tags for resource identification and compliance analysis.
|
|
95
|
+
*/
|
|
96
|
+
const AwsConfigListTagsForResourceCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({
|
|
97
|
+
command: client_eventbridge_1.ListTagsForResourceCommand,
|
|
98
|
+
execute: async (input, context) => {
|
|
99
|
+
// Extract event bus name from ARN or use the ARN directly for resourceName lookup
|
|
100
|
+
const resourceArn = input.ResourceARN;
|
|
101
|
+
const tags = context.getCache(resourceArn, 'tags');
|
|
102
|
+
return {
|
|
103
|
+
Tags: tags
|
|
104
|
+
};
|
|
105
|
+
}
|
|
106
|
+
});
|
|
107
|
+
//# sourceMappingURL=AwsConfigEventBridgeClient.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AwsConfigEventBridgeClient.js","sourceRoot":"","sources":["../../../../src/awsConfigClients/clients/AwsConfigEventBridgeClient.ts"],"names":[],"mappings":";;;AAAA,oEAKoC;AAEpC,6EAAsE;AACtE,4EAAuF;AACvF,4DAI6B;AAE7B;;;GAGG;AACH,MAAa,0BAA2B,SAAQ,kCAAsC;IACpF,MAAM,CAAU,UAAU,GAAG,sCAAiB,CAAC,IAAI,CAAA;IAEnD,YACE,OAGC,EACD,aAAqC;QAErC,KAAK,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;IAC/B,CAAC;IAED;;OAEG;IACO,gBAAgB;QACxB,IAAI,CAAC,eAAe,CAAC,gCAAgC,CAAC,CAAA;QACtD,IAAI,CAAC,eAAe,CAAC,8BAA8B,CAAC,CAAA;QACpD,IAAI,CAAC,eAAe,CAAC,mCAAmC,CAAC,CAAA;IAC3D,CAAC;;AApBH,gEAqBC;AAED;;;;;GAKG;AACH,MAAM,gCAAgC,GAAG,IAAA,4CAAgB,EAAC;IACxD,OAAO,EAAE,4CAAuB;IAChC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QAChC,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,IAAI,SAAS,CAAA;QAE5C,MAAM,aAAa,GAAG,OAAO,CAAC,QAAQ,CAAC,YAAY,EAAE,eAAe,CAAC,CAAA;QAErE,OAAO;YACL,IAAI,EAAE,aAAa,CAAC,IAAI,IAAI,YAAY;YACxC,GAAG,EAAE,aAAa,CAAC,GAAG;YACtB,MAAM,EAAE,aAAa,CAAC,MAAM;YAC5B,2DAA2D;YAC3D,gBAAgB,EAAE,SAAS;SAC5B,CAAA;IACH,CAAC;CACF,CAAC,CAAA;AAEF;;;;;GAKG;AACH,MAAM,8BAA8B,GAAG,IAAA,4CAAgB,EAAC;IACtD,OAAO,EAAE,0CAAqB;IAC9B,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QAChC,MAAM,KAAK,GAAG;;;;;;;;;;;;2BAYS,OAAO,CAAC,MAAM;2BACd,OAAO,CAAC,SAAS;cAC9B,6CAAyB;KAClC,CAAA;QAED,MAAM,OAAO,GAAG,MAAM,IAAA,sCAAkB,EAAC,KAAK,EAAE,OAAO,CAAC,CAAA;QAExD,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE;YACxC,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,IAAI,EAAE,GAAG,IAAA,mCAAe,EAAC,MAAM,CAAC,CAAA;YAEnE,mDAAmD;YACnD,MAAM,YAAY,GAAG,aAAa,CAAC,IAAI,IAAI,UAAU,CAAC,YAAY,CAAA;YAClE,OAAO,CAAC,QAAQ,CAAC,YAAY,EAAE,eAAe,EAAE,aAAa,CAAC,CAAA;YAC9D,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,IAAI,CAAC,CAAA;YAE9C,OAAO;gBACL,IAAI,EAAE,aAAa,CAAC,IAAI;gBACxB,GAAG,EAAE,aAAa,CAAC,GAAG;gBACtB,eAAe,EAAE,aAAa,CAAC,eAAe;aAC/C,CAAA;QACH,CAAC,CAAC,CAAA;QAEF,OAAO;YACL,UAAU,EAAE,UAAU;SACvB,CAAA;IACH,CAAC;CACF,CAAC,CAAA;AAEF;;;;;GAKG;AACH,MAAM,mCAAmC,GAAG,IAAA,4CAAgB,EAAC;IAC3D,OAAO,EAAE,+CAA0B;IACnC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QAChC,kFAAkF;QAClF,MAAM,WAAW,GAAG,KAAK,CAAC,WAAY,CAAA;QAEtC,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC,CAAA;QAElD,OAAO;YACL,IAAI,EAAE,IAAI;SACX,CAAA;IACH,CAAC;CACF,CAAC,CAAA"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
import { AwsCredentialIdentityWithMetaData } from '../../aws/coreAuth.js';
|
|
2
|
+
import { AbstractClient } from '../../customClients/AbstractClient.js';
|
|
3
|
+
import { AwsConfigClientContext } from '../AwsConfigClientContext.js';
|
|
4
|
+
/**
|
|
5
|
+
* AWS Config-based Glue client implementation
|
|
6
|
+
*
|
|
7
|
+
* Since policies are not available in AWS Config, this client provides limited functionality
|
|
8
|
+
* and returns empty results for all operations.
|
|
9
|
+
*/
|
|
10
|
+
export declare class AwsConfigGlueClient extends AbstractClient<AwsConfigClientContext> {
|
|
11
|
+
static readonly clientName: string;
|
|
12
|
+
constructor(options: {
|
|
13
|
+
credentials: AwsCredentialIdentityWithMetaData;
|
|
14
|
+
region: string | undefined;
|
|
15
|
+
}, customContext: AwsConfigClientContext);
|
|
16
|
+
/**
|
|
17
|
+
* Register all Glue command implementations
|
|
18
|
+
*/
|
|
19
|
+
protected registerCommands(): void;
|
|
20
|
+
}
|
|
21
|
+
//# sourceMappingURL=AwsConfigGlueClient.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AwsConfigGlueClient.d.ts","sourceRoot":"","sources":["../../../../src/awsConfigClients/clients/AwsConfigGlueClient.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iCAAiC,EAAE,MAAM,uBAAuB,CAAA;AACzE,OAAO,EAAE,cAAc,EAAE,MAAM,uCAAuC,CAAA;AACtE,OAAO,EAAE,sBAAsB,EAAoB,MAAM,8BAA8B,CAAA;AAEvF;;;;;GAKG;AACH,qBAAa,mBAAoB,SAAQ,cAAc,CAAC,sBAAsB,CAAC;IAC7E,MAAM,CAAC,QAAQ,CAAC,UAAU,SAAkB;gBAG1C,OAAO,EAAE;QACP,WAAW,EAAE,iCAAiC,CAAA;QAC9C,MAAM,EAAE,MAAM,GAAG,SAAS,CAAA;KAC3B,EACD,aAAa,EAAE,sBAAsB;IAKvC;;OAEG;IACH,SAAS,CAAC,gBAAgB,IAAI,IAAI;CAGnC"}
|
|
@@ -0,0 +1,44 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AwsConfigGlueClient = void 0;
|
|
4
|
+
const client_glue_1 = require("@aws-sdk/client-glue");
|
|
5
|
+
const AbstractClient_js_1 = require("../../customClients/AbstractClient.js");
|
|
6
|
+
const AwsConfigClientContext_js_1 = require("../AwsConfigClientContext.js");
|
|
7
|
+
/**
|
|
8
|
+
* AWS Config-based Glue client implementation
|
|
9
|
+
*
|
|
10
|
+
* Since policies are not available in AWS Config, this client provides limited functionality
|
|
11
|
+
* and returns empty results for all operations.
|
|
12
|
+
*/
|
|
13
|
+
class AwsConfigGlueClient extends AbstractClient_js_1.AbstractClient {
|
|
14
|
+
static clientName = client_glue_1.GlueClient.name;
|
|
15
|
+
constructor(options, customContext) {
|
|
16
|
+
super(options, customContext);
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Register all Glue command implementations
|
|
20
|
+
*/
|
|
21
|
+
registerCommands() {
|
|
22
|
+
this.registerCommand(AwsConfigGetResourcePolicyCommand);
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
exports.AwsConfigGlueClient = AwsConfigGlueClient;
|
|
26
|
+
/**
|
|
27
|
+
* Config-based implementation of Glue GetResourcePolicyCommand
|
|
28
|
+
*
|
|
29
|
+
* Note: The Glue data catalog resource and its policies are not tracked by AWS Config.
|
|
30
|
+
* AWS Config only tracks individual Glue jobs, transforms, and classifiers - not the catalog itself.
|
|
31
|
+
* Therefore, no catalog policy analysis is possible from Config data.
|
|
32
|
+
*/
|
|
33
|
+
const AwsConfigGetResourcePolicyCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({
|
|
34
|
+
command: client_glue_1.GetResourcePolicyCommand,
|
|
35
|
+
execute: async (input, context) => {
|
|
36
|
+
// Note: The Glue data catalog resource and its policies are not tracked by AWS Config.
|
|
37
|
+
// AWS Config only tracks individual Glue jobs, transforms, and classifiers - not the catalog itself.
|
|
38
|
+
// Therefore, no catalog policy analysis is possible from Config data.
|
|
39
|
+
return {
|
|
40
|
+
PolicyInJson: undefined // Empty - no catalog policy data available in Config
|
|
41
|
+
};
|
|
42
|
+
}
|
|
43
|
+
});
|
|
44
|
+
//# sourceMappingURL=AwsConfigGlueClient.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AwsConfigGlueClient.js","sourceRoot":"","sources":["../../../../src/awsConfigClients/clients/AwsConfigGlueClient.ts"],"names":[],"mappings":";;;AAAA,sDAA2E;AAE3E,6EAAsE;AACtE,4EAAuF;AAEvF;;;;;GAKG;AACH,MAAa,mBAAoB,SAAQ,kCAAsC;IAC7E,MAAM,CAAU,UAAU,GAAG,wBAAU,CAAC,IAAI,CAAA;IAE5C,YACE,OAGC,EACD,aAAqC;QAErC,KAAK,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;IAC/B,CAAC;IAED;;OAEG;IACO,gBAAgB;QACxB,IAAI,CAAC,eAAe,CAAC,iCAAiC,CAAC,CAAA;IACzD,CAAC;;AAlBH,kDAmBC;AAED;;;;;;GAMG;AACH,MAAM,iCAAiC,GAAG,IAAA,4CAAgB,EAAC;IACzD,OAAO,EAAE,sCAAwB;IACjC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QAChC,uFAAuF;QACvF,qGAAqG;QACrG,sEAAsE;QACtE,OAAO;YACL,YAAY,EAAE,SAAS,CAAC,qDAAqD;SAC9E,CAAA;IACH,CAAC;CACF,CAAC,CAAA"}
|
|
@@ -0,0 +1,18 @@
|
|
|
1
|
+
import { AwsCredentialIdentityWithMetaData } from '../../aws/coreAuth.js';
|
|
2
|
+
import { AbstractClient } from '../../customClients/AbstractClient.js';
|
|
3
|
+
import { AwsConfigClientContext } from '../AwsConfigClientContext.js';
|
|
4
|
+
/**
|
|
5
|
+
* AWS Config-based IAM client implementation
|
|
6
|
+
*/
|
|
7
|
+
export declare class AwsConfigIamClient extends AbstractClient<AwsConfigClientContext> {
|
|
8
|
+
static readonly clientName: string;
|
|
9
|
+
constructor(options: {
|
|
10
|
+
credentials: AwsCredentialIdentityWithMetaData;
|
|
11
|
+
region: string | undefined;
|
|
12
|
+
}, customContext: AwsConfigClientContext);
|
|
13
|
+
/**
|
|
14
|
+
* Register all IAM command implementations
|
|
15
|
+
*/
|
|
16
|
+
protected registerCommands(): void;
|
|
17
|
+
}
|
|
18
|
+
//# sourceMappingURL=AwsConfigIamClient.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AwsConfigIamClient.d.ts","sourceRoot":"","sources":["../../../../src/awsConfigClients/clients/AwsConfigIamClient.ts"],"names":[],"mappings":"AAeA,OAAO,EAAE,iCAAiC,EAAE,MAAM,uBAAuB,CAAA;AACzE,OAAO,EAAE,cAAc,EAAE,MAAM,uCAAuC,CAAA;AACtE,OAAO,EAAE,sBAAsB,EAAoB,MAAM,8BAA8B,CAAA;AAOvF;;GAEG;AACH,qBAAa,kBAAmB,SAAQ,cAAc,CAAC,sBAAsB,CAAC;IAC5E,MAAM,CAAC,QAAQ,CAAC,UAAU,SAAiB;gBAGzC,OAAO,EAAE;QACP,WAAW,EAAE,iCAAiC,CAAA;QAC9C,MAAM,EAAE,MAAM,GAAG,SAAS,CAAA;KAC3B,EACD,aAAa,EAAE,sBAAsB;IAKvC;;OAEG;IACH,SAAS,CAAC,gBAAgB,IAAI,IAAI;CASnC"}
|
|
@@ -0,0 +1,439 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.AwsConfigIamClient = void 0;
|
|
4
|
+
const client_iam_1 = require("@aws-sdk/client-iam");
|
|
5
|
+
const iam_utils_1 = require("@cloud-copilot/iam-utils");
|
|
6
|
+
const ClientPool_js_1 = require("../../aws/ClientPool.js");
|
|
7
|
+
const AbstractClient_js_1 = require("../../customClients/AbstractClient.js");
|
|
8
|
+
const AwsConfigClientContext_js_1 = require("../AwsConfigClientContext.js");
|
|
9
|
+
const awsConfigUtils_js_1 = require("../awsConfigUtils.js");
|
|
10
|
+
/**
|
|
11
|
+
* AWS Config-based IAM client implementation
|
|
12
|
+
*/
|
|
13
|
+
class AwsConfigIamClient extends AbstractClient_js_1.AbstractClient {
|
|
14
|
+
static clientName = client_iam_1.IAMClient.name;
|
|
15
|
+
constructor(options, customContext) {
|
|
16
|
+
super(options, customContext);
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Register all IAM command implementations
|
|
20
|
+
*/
|
|
21
|
+
registerCommands() {
|
|
22
|
+
this.registerCommand(AwsConfigGetAccountAuthorizationDetailsCommand);
|
|
23
|
+
this.registerCommand(AwsConfigGetOpenIDConnectProviderCommand);
|
|
24
|
+
this.registerCommand(AwsConfigGetSAMLProviderCommand);
|
|
25
|
+
this.registerCommand(AwsConfigListInstanceProfilesCommand);
|
|
26
|
+
this.registerCommand(AwsConfigListOpenIDConnectProvidersCommand);
|
|
27
|
+
this.registerCommand(AwsConfigListSAMLProvidersCommand);
|
|
28
|
+
this.registerCommand(AwsConfigListPolicyTagsCommand);
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
exports.AwsConfigIamClient = AwsConfigIamClient;
|
|
32
|
+
/**
|
|
33
|
+
* Config-based implementation of IAM GetAccountAuthorizationDetailsCommand
|
|
34
|
+
*
|
|
35
|
+
* Aggregates IAM data from multiple Config resource types:
|
|
36
|
+
* - AWS::IAM::Role for roles
|
|
37
|
+
* - AWS::IAM::User for users
|
|
38
|
+
* - AWS::IAM::Group for groups
|
|
39
|
+
* - AWS::IAM::Policy for managed policies
|
|
40
|
+
*/
|
|
41
|
+
const AwsConfigGetAccountAuthorizationDetailsCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({
|
|
42
|
+
command: client_iam_1.GetAccountAuthorizationDetailsCommand,
|
|
43
|
+
execute: async (input, context) => {
|
|
44
|
+
const nativeIamClient = ClientPool_js_1.AwsClientPool.defaultInstance.client(client_iam_1.IAMClient, context.configCredentials, context.region, undefined);
|
|
45
|
+
const awsManagedPoliciesToFetch = new Set();
|
|
46
|
+
// Query roles from Config
|
|
47
|
+
const rolesQuery = `
|
|
48
|
+
SELECT
|
|
49
|
+
configuration.arn,
|
|
50
|
+
configuration.roleName,
|
|
51
|
+
configuration.path,
|
|
52
|
+
configuration.roleId,
|
|
53
|
+
configuration.createDate,
|
|
54
|
+
configuration.assumeRolePolicyDocument,
|
|
55
|
+
configuration.attachedManagedPolicies,
|
|
56
|
+
configuration.instanceProfileList,
|
|
57
|
+
configuration.rolePolicyList,
|
|
58
|
+
configuration.permissionsBoundary,
|
|
59
|
+
configuration.roleLastUsed,
|
|
60
|
+
tags
|
|
61
|
+
WHERE
|
|
62
|
+
resourceType = 'AWS::IAM::Role'
|
|
63
|
+
AND accountId = '${context.accountId}'
|
|
64
|
+
AND ${awsConfigUtils_js_1.resourceStatusWhereClause}
|
|
65
|
+
`;
|
|
66
|
+
// Query users from Config
|
|
67
|
+
const usersQuery = `
|
|
68
|
+
SELECT
|
|
69
|
+
configuration.arn,
|
|
70
|
+
configuration.userName,
|
|
71
|
+
configuration.path,
|
|
72
|
+
configuration.userId,
|
|
73
|
+
configuration.createDate,
|
|
74
|
+
configuration.attachedManagedPolicies,
|
|
75
|
+
configuration.groupList,
|
|
76
|
+
configuration.userPolicyList,
|
|
77
|
+
configuration.permissionsBoundary,
|
|
78
|
+
tags
|
|
79
|
+
WHERE
|
|
80
|
+
resourceType = 'AWS::IAM::User'
|
|
81
|
+
AND accountId = '${context.accountId}'
|
|
82
|
+
AND ${awsConfigUtils_js_1.resourceStatusWhereClause}
|
|
83
|
+
`;
|
|
84
|
+
// Query groups from Config
|
|
85
|
+
const groupsQuery = `
|
|
86
|
+
SELECT
|
|
87
|
+
configuration.arn,
|
|
88
|
+
configuration.groupName,
|
|
89
|
+
configuration.path,
|
|
90
|
+
configuration.groupId,
|
|
91
|
+
configuration.createDate,
|
|
92
|
+
configuration.attachedManagedPolicies,
|
|
93
|
+
configuration.groupPolicyList,
|
|
94
|
+
tags
|
|
95
|
+
WHERE
|
|
96
|
+
resourceType = 'AWS::IAM::Group'
|
|
97
|
+
AND accountId = '${context.accountId}'
|
|
98
|
+
AND ${awsConfigUtils_js_1.resourceStatusWhereClause}
|
|
99
|
+
`;
|
|
100
|
+
// Query policies from Config
|
|
101
|
+
const policiesQuery = `
|
|
102
|
+
SELECT
|
|
103
|
+
configuration.policyName,
|
|
104
|
+
configuration.policyId,
|
|
105
|
+
configuration.arn,
|
|
106
|
+
configuration.path,
|
|
107
|
+
configuration.createDate,
|
|
108
|
+
configuration.updateDate,
|
|
109
|
+
configuration.policyVersionList,
|
|
110
|
+
configuration.attachmentCount,
|
|
111
|
+
configuration.permissionsBoundaryUsageCount,
|
|
112
|
+
configuration.isAttachable,
|
|
113
|
+
configuration.description,
|
|
114
|
+
tags
|
|
115
|
+
WHERE
|
|
116
|
+
resourceType = 'AWS::IAM::Policy'
|
|
117
|
+
AND accountId = '${context.accountId}'
|
|
118
|
+
AND ${awsConfigUtils_js_1.resourceStatusWhereClause}
|
|
119
|
+
`;
|
|
120
|
+
// Execute all queries
|
|
121
|
+
const [rolesResults, usersResults, groupsResults, policiesResults] = await Promise.all([
|
|
122
|
+
(0, awsConfigUtils_js_1.executeConfigQuery)(rolesQuery, context),
|
|
123
|
+
(0, awsConfigUtils_js_1.executeConfigQuery)(usersQuery, context),
|
|
124
|
+
(0, awsConfigUtils_js_1.executeConfigQuery)(groupsQuery, context),
|
|
125
|
+
(0, awsConfigUtils_js_1.executeConfigQuery)(policiesQuery, context)
|
|
126
|
+
]);
|
|
127
|
+
// Transform Config data to IAM format and collect AWS managed policies
|
|
128
|
+
const roles = rolesResults.map((resultString) => {
|
|
129
|
+
const { configuration, tags } = (0, awsConfigUtils_js_1.parseConfigItem)(resultString);
|
|
130
|
+
// Collect AWS managed policies from this role
|
|
131
|
+
const attachedPolicies = configuration.attachedManagedPolicies || [];
|
|
132
|
+
attachedPolicies.forEach((policy) => {
|
|
133
|
+
if (policy.policyArn && isAwsManagedPolicy(policy.policyArn)) {
|
|
134
|
+
awsManagedPoliciesToFetch.add(policy.policyArn);
|
|
135
|
+
}
|
|
136
|
+
});
|
|
137
|
+
return {
|
|
138
|
+
Arn: configuration.arn,
|
|
139
|
+
RoleName: configuration.roleName,
|
|
140
|
+
Path: configuration.path,
|
|
141
|
+
RoleId: configuration.roleId,
|
|
142
|
+
CreateDate: configuration.createDate ? new Date(configuration.createDate) : undefined,
|
|
143
|
+
AssumeRolePolicyDocument: configuration.assumeRolePolicyDocument,
|
|
144
|
+
AttachedManagedPolicies: configuration.attachedManagedPolicies?.map((ap) => ({
|
|
145
|
+
PolicyName: ap.policyName,
|
|
146
|
+
PolicyArn: ap.policyArn
|
|
147
|
+
})),
|
|
148
|
+
InstanceProfileList: configuration.instanceProfileList,
|
|
149
|
+
RolePolicyList: configuration.rolePolicyList.map((rp) => ({
|
|
150
|
+
PolicyName: rp.policyName,
|
|
151
|
+
PolicyDocument: rp.policyDocument
|
|
152
|
+
})),
|
|
153
|
+
Tags: tags,
|
|
154
|
+
PermissionsBoundary: configuration.permissionsBoundary,
|
|
155
|
+
RoleLastUsed: configuration.roleLastUsed
|
|
156
|
+
};
|
|
157
|
+
});
|
|
158
|
+
const users = usersResults.map((resultString) => {
|
|
159
|
+
const { configuration, tags } = (0, awsConfigUtils_js_1.parseConfigItem)(resultString);
|
|
160
|
+
// Collect AWS managed policies from this user
|
|
161
|
+
const attachedPolicies = configuration.attachedManagedPolicies || [];
|
|
162
|
+
attachedPolicies.forEach((policy) => {
|
|
163
|
+
if (policy.policyArn && isAwsManagedPolicy(policy.policyArn)) {
|
|
164
|
+
awsManagedPoliciesToFetch.add(policy.policyArn);
|
|
165
|
+
}
|
|
166
|
+
});
|
|
167
|
+
return {
|
|
168
|
+
Arn: configuration.arn,
|
|
169
|
+
UserName: configuration.userName,
|
|
170
|
+
Path: configuration.path,
|
|
171
|
+
UserId: configuration.userId,
|
|
172
|
+
CreateDate: configuration.createDate ? new Date(configuration.createDate) : undefined,
|
|
173
|
+
AttachedManagedPolicies: configuration.attachedManagedPolicies.map((ap) => ({
|
|
174
|
+
PolicyName: ap.policyName,
|
|
175
|
+
PolicyArn: ap.policyArn
|
|
176
|
+
})),
|
|
177
|
+
GroupList: configuration.groupList,
|
|
178
|
+
UserPolicyList: configuration.userPolicyList.map((up) => ({
|
|
179
|
+
PolicyName: up.policyName,
|
|
180
|
+
PolicyDocument: up.policyDocument
|
|
181
|
+
})),
|
|
182
|
+
Tags: tags,
|
|
183
|
+
PermissionsBoundary: configuration.permissionsBoundary
|
|
184
|
+
};
|
|
185
|
+
});
|
|
186
|
+
const groups = groupsResults.map((resultString) => {
|
|
187
|
+
const { configuration, tags } = (0, awsConfigUtils_js_1.parseConfigItem)(resultString);
|
|
188
|
+
// Collect AWS managed policies from this group
|
|
189
|
+
const attachedPolicies = configuration.attachedManagedPolicies || [];
|
|
190
|
+
attachedPolicies.forEach((policy) => {
|
|
191
|
+
if (policy.policyArn && isAwsManagedPolicy(policy.policyArn)) {
|
|
192
|
+
awsManagedPoliciesToFetch.add(policy.policyArn);
|
|
193
|
+
}
|
|
194
|
+
});
|
|
195
|
+
return {
|
|
196
|
+
Arn: configuration.arn,
|
|
197
|
+
GroupName: configuration.groupName,
|
|
198
|
+
Path: configuration.path,
|
|
199
|
+
GroupId: configuration.groupId,
|
|
200
|
+
CreateDate: configuration.createDate ? new Date(configuration.createDate) : undefined,
|
|
201
|
+
AttachedManagedPolicies: putInArray(configuration.attachedManagedPolicies).map((ap) => ({
|
|
202
|
+
PolicyName: ap.policyName,
|
|
203
|
+
PolicyArn: ap.policyArn
|
|
204
|
+
})),
|
|
205
|
+
Tags: tags ? Object.entries(tags).map(([key, value]) => ({ Key: key, Value: value })) : [],
|
|
206
|
+
GroupPolicyList: putInArray(configuration.groupPolicyList).map((gp) => ({
|
|
207
|
+
PolicyName: gp.policyName,
|
|
208
|
+
PolicyDocument: gp.policyDocument
|
|
209
|
+
}))
|
|
210
|
+
};
|
|
211
|
+
});
|
|
212
|
+
const policies = policiesResults.map((resultString) => {
|
|
213
|
+
const { configuration, tags } = (0, awsConfigUtils_js_1.parseConfigItem)(resultString);
|
|
214
|
+
return {
|
|
215
|
+
PolicyName: configuration.policyName,
|
|
216
|
+
PolicyId: configuration.policyId,
|
|
217
|
+
Arn: configuration.arn,
|
|
218
|
+
Path: configuration.path,
|
|
219
|
+
CreateDate: configuration.createDate ? new Date(configuration.createDate) : undefined,
|
|
220
|
+
UpdateDate: configuration.updateDate ? new Date(configuration.updateDate) : undefined,
|
|
221
|
+
PolicyVersionList: putInArray(configuration.policyVersionList).map((pv) => ({
|
|
222
|
+
Document: pv.document,
|
|
223
|
+
VersionId: pv.versionId,
|
|
224
|
+
IsDefaultVersion: pv.isDefaultVersion
|
|
225
|
+
})),
|
|
226
|
+
AttachmentCount: configuration.attachmentCount,
|
|
227
|
+
PermissionsBoundaryUsageCount: configuration.permissionsBoundaryUsageCount,
|
|
228
|
+
IsAttachable: configuration.isAttachable,
|
|
229
|
+
Description: configuration.description,
|
|
230
|
+
Tags: tags
|
|
231
|
+
};
|
|
232
|
+
});
|
|
233
|
+
// Fetch AWS managed policy details using native IAM client
|
|
234
|
+
const awsManagedPolicies = [];
|
|
235
|
+
for (const policyArn of awsManagedPoliciesToFetch) {
|
|
236
|
+
const policyDetails = await nativeIamClient.send(new client_iam_1.GetPolicyCommand({ PolicyArn: policyArn }));
|
|
237
|
+
const policyDocument = await nativeIamClient.send(new client_iam_1.GetPolicyVersionCommand({
|
|
238
|
+
PolicyArn: policyArn,
|
|
239
|
+
VersionId: policyDetails.Policy?.DefaultVersionId
|
|
240
|
+
}));
|
|
241
|
+
if (policyDocument.PolicyVersion) {
|
|
242
|
+
awsManagedPolicies.push({
|
|
243
|
+
...policyDetails.Policy,
|
|
244
|
+
PolicyVersionList: [
|
|
245
|
+
{
|
|
246
|
+
Document: policyDocument.PolicyVersion.Document,
|
|
247
|
+
VersionId: policyDocument.PolicyVersion.VersionId,
|
|
248
|
+
IsDefaultVersion: policyDocument.PolicyVersion.IsDefaultVersion
|
|
249
|
+
}
|
|
250
|
+
]
|
|
251
|
+
});
|
|
252
|
+
}
|
|
253
|
+
}
|
|
254
|
+
// Combine customer-managed policies from Config with AWS managed policies from native IAM
|
|
255
|
+
const allPolicies = [...policies, ...awsManagedPolicies];
|
|
256
|
+
return {
|
|
257
|
+
UserDetailList: users,
|
|
258
|
+
GroupDetailList: groups,
|
|
259
|
+
RoleDetailList: roles,
|
|
260
|
+
Policies: allPolicies,
|
|
261
|
+
IsTruncated: false
|
|
262
|
+
};
|
|
263
|
+
}
|
|
264
|
+
});
|
|
265
|
+
/**
|
|
266
|
+
* Config-based implementation of IAM ListInstanceProfilesCommand
|
|
267
|
+
*
|
|
268
|
+
* Note: AWS Config doesn't track InstanceProfile as a separate resource type.
|
|
269
|
+
* Instance profiles are extracted from Role configuration data.
|
|
270
|
+
*/
|
|
271
|
+
const AwsConfigListInstanceProfilesCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({
|
|
272
|
+
command: client_iam_1.ListInstanceProfilesCommand,
|
|
273
|
+
execute: async (input, context) => {
|
|
274
|
+
// Get roles from Config and extract instance profiles
|
|
275
|
+
const query = `
|
|
276
|
+
SELECT
|
|
277
|
+
configuration.instanceProfileList
|
|
278
|
+
WHERE
|
|
279
|
+
resourceType = 'AWS::IAM::Role'
|
|
280
|
+
AND accountId = '${context.accountId}'
|
|
281
|
+
AND ${awsConfigUtils_js_1.resourceStatusWhereClause}
|
|
282
|
+
`;
|
|
283
|
+
const results = await (0, awsConfigUtils_js_1.executeConfigQuery)(query, context);
|
|
284
|
+
// Extract unique instance profiles from all roles
|
|
285
|
+
const instanceProfilesMap = new Map();
|
|
286
|
+
results.forEach((resultString) => {
|
|
287
|
+
const { configuration } = (0, awsConfigUtils_js_1.parseConfigItem)(resultString);
|
|
288
|
+
const instanceProfiles = configuration.instanceProfileList || [];
|
|
289
|
+
instanceProfiles.forEach((profile) => {
|
|
290
|
+
if (profile.arn && !instanceProfilesMap.has(profile.arn)) {
|
|
291
|
+
instanceProfilesMap.set(profile.arn, {
|
|
292
|
+
Path: profile.path,
|
|
293
|
+
InstanceProfileName: profile.instanceProfileName,
|
|
294
|
+
InstanceProfileId: profile.instanceProfileId,
|
|
295
|
+
Arn: profile.arn,
|
|
296
|
+
CreateDate: profile.createDate ? new Date(profile.createDate) : undefined,
|
|
297
|
+
Roles: profile.roles?.map((r) => ({ Arn: r.arn })) || [],
|
|
298
|
+
Tags: [] // Tags not available in role's instance profile data
|
|
299
|
+
});
|
|
300
|
+
}
|
|
301
|
+
});
|
|
302
|
+
});
|
|
303
|
+
return {
|
|
304
|
+
InstanceProfiles: Array.from(instanceProfilesMap.values()),
|
|
305
|
+
IsTruncated: false // TODO: Handle pagination properly
|
|
306
|
+
};
|
|
307
|
+
}
|
|
308
|
+
});
|
|
309
|
+
/**
|
|
310
|
+
* Config-based implementation of IAM ListOpenIDConnectProvidersCommand
|
|
311
|
+
*/
|
|
312
|
+
const AwsConfigListOpenIDConnectProvidersCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({
|
|
313
|
+
command: client_iam_1.ListOpenIDConnectProvidersCommand,
|
|
314
|
+
execute: async (input, context) => {
|
|
315
|
+
const query = `
|
|
316
|
+
SELECT
|
|
317
|
+
configuration.Arn,
|
|
318
|
+
configuration.Url,
|
|
319
|
+
configuration.ClientIdList,
|
|
320
|
+
configuration.ThumbprintList,
|
|
321
|
+
tags
|
|
322
|
+
WHERE
|
|
323
|
+
resourceType = 'AWS::IAM::OIDCProvider'
|
|
324
|
+
AND accountId = '${context.accountId}'
|
|
325
|
+
AND ${awsConfigUtils_js_1.resourceStatusWhereClause}
|
|
326
|
+
`;
|
|
327
|
+
const results = await (0, awsConfigUtils_js_1.executeConfigQuery)(query, context);
|
|
328
|
+
const providers = results.map((resultString) => {
|
|
329
|
+
const { configuration, tags } = (0, awsConfigUtils_js_1.parseConfigItem)(resultString);
|
|
330
|
+
context.putCache(configuration.Arn, 'configuration', { configuration, tags });
|
|
331
|
+
return {
|
|
332
|
+
Arn: configuration.Arn
|
|
333
|
+
};
|
|
334
|
+
});
|
|
335
|
+
return {
|
|
336
|
+
OpenIDConnectProviderList: providers
|
|
337
|
+
};
|
|
338
|
+
}
|
|
339
|
+
});
|
|
340
|
+
/**
|
|
341
|
+
* Config-based implementation of IAM GetOpenIDConnectProviderCommand
|
|
342
|
+
*/
|
|
343
|
+
const AwsConfigGetOpenIDConnectProviderCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({
|
|
344
|
+
command: client_iam_1.GetOpenIDConnectProviderCommand,
|
|
345
|
+
execute: async (input, context) => {
|
|
346
|
+
const { configuration, tags } = context.getCache(input.OpenIDConnectProviderArn, 'configuration');
|
|
347
|
+
return {
|
|
348
|
+
Url: configuration.Url,
|
|
349
|
+
ClientIDList: configuration.ClientIdList,
|
|
350
|
+
ThumbprintList: configuration.ThumbprintList,
|
|
351
|
+
Tags: tags
|
|
352
|
+
};
|
|
353
|
+
}
|
|
354
|
+
});
|
|
355
|
+
/**
|
|
356
|
+
* Config-based implementation of IAM ListSAMLProvidersCommand
|
|
357
|
+
*/
|
|
358
|
+
const AwsConfigListSAMLProvidersCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({
|
|
359
|
+
command: client_iam_1.ListSAMLProvidersCommand,
|
|
360
|
+
execute: async (input, context) => {
|
|
361
|
+
const query = `
|
|
362
|
+
SELECT
|
|
363
|
+
arn,
|
|
364
|
+
configuration.SamlMetadataDocument,
|
|
365
|
+
tags
|
|
366
|
+
WHERE
|
|
367
|
+
resourceType = 'AWS::IAM::SAMLProvider'
|
|
368
|
+
AND accountId = '${context.accountId}'
|
|
369
|
+
AND ${awsConfigUtils_js_1.resourceStatusWhereClause}
|
|
370
|
+
`;
|
|
371
|
+
const results = await (0, awsConfigUtils_js_1.executeConfigQuery)(query, context);
|
|
372
|
+
const providers = results.map((resultString) => {
|
|
373
|
+
const { configItem, configuration, tags } = (0, awsConfigUtils_js_1.parseConfigItem)(resultString);
|
|
374
|
+
context.putCache(configItem.arn, 'configuration', { configuration, tags });
|
|
375
|
+
return {
|
|
376
|
+
Arn: configItem.arn
|
|
377
|
+
};
|
|
378
|
+
});
|
|
379
|
+
return {
|
|
380
|
+
SAMLProviderList: providers
|
|
381
|
+
};
|
|
382
|
+
}
|
|
383
|
+
});
|
|
384
|
+
/**
|
|
385
|
+
* Config-based implementation of IAM GetSAMLProviderCommand
|
|
386
|
+
*/
|
|
387
|
+
const AwsConfigGetSAMLProviderCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({
|
|
388
|
+
command: client_iam_1.GetSAMLProviderCommand,
|
|
389
|
+
execute: async (input, context) => {
|
|
390
|
+
const { configuration, tags } = context.getCache(input.SAMLProviderArn, 'configuration');
|
|
391
|
+
return {
|
|
392
|
+
SAMLMetadataDocument: configuration.SamlMetadataDocument,
|
|
393
|
+
Tags: tags
|
|
394
|
+
};
|
|
395
|
+
}
|
|
396
|
+
});
|
|
397
|
+
/**
|
|
398
|
+
* Config-based implementation of IAM ListPolicyTagsCommand
|
|
399
|
+
*/
|
|
400
|
+
const AwsConfigListPolicyTagsCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({
|
|
401
|
+
command: client_iam_1.ListPolicyTagsCommand,
|
|
402
|
+
execute: async (input, context) => {
|
|
403
|
+
const policyName = input.PolicyArn.split('/').pop();
|
|
404
|
+
const query = `
|
|
405
|
+
SELECT
|
|
406
|
+
tags
|
|
407
|
+
WHERE
|
|
408
|
+
resourceType = 'AWS::IAM::Policy'
|
|
409
|
+
AND accountId = '${context.accountId}'
|
|
410
|
+
AND resourceName = '${policyName}'
|
|
411
|
+
AND ${awsConfigUtils_js_1.resourceStatusWhereClause}
|
|
412
|
+
`;
|
|
413
|
+
const results = await (0, awsConfigUtils_js_1.executeConfigQuery)(query, context);
|
|
414
|
+
if (results.length === 0) {
|
|
415
|
+
throw new Error('Policy not found');
|
|
416
|
+
}
|
|
417
|
+
const { tags } = (0, awsConfigUtils_js_1.parseConfigItem)(results[0]);
|
|
418
|
+
return {
|
|
419
|
+
Tags: tags,
|
|
420
|
+
IsTruncated: false
|
|
421
|
+
};
|
|
422
|
+
}
|
|
423
|
+
});
|
|
424
|
+
/**
|
|
425
|
+
* Given an AWS IAM policy ARN, determine if it is an AWS-managed policy
|
|
426
|
+
*
|
|
427
|
+
* @param policyArn the ARN of the IAM policy
|
|
428
|
+
* @returns true if the policy is AWS-managed, false otherwise
|
|
429
|
+
*/
|
|
430
|
+
function isAwsManagedPolicy(policyArn) {
|
|
431
|
+
return (0, iam_utils_1.splitArnParts)(policyArn).accountId === 'aws';
|
|
432
|
+
}
|
|
433
|
+
function putInArray(item) {
|
|
434
|
+
if (item === undefined || item === null) {
|
|
435
|
+
return [];
|
|
436
|
+
}
|
|
437
|
+
return Array.isArray(item) ? item : [item];
|
|
438
|
+
}
|
|
439
|
+
//# sourceMappingURL=AwsConfigIamClient.js.map
|