@cloud-copilot/iam-collect 0.1.2 → 0.1.4

package/dist/esm/persistence/file/FileSystemAdapter.js

@@ -0,0 +1,73 @@
+import { access, mkdir, readdir, readFile, rm, unlink, writeFile } from 'fs/promises';
+import { dirname } from 'path';
+export class FileSystemAdapter {
+    async writeFile(filePath, data) {
+        // Ensure the directory exists
+        const dir = dirname(filePath);
+        await mkdir(dir, { recursive: true });
+        await writeFile(filePath, data);
+    }
+    /**
+     * Read the contents of a file. If the file does not exist, return undefined.
+     *
+     * @param filePath The path to the file to read
+     * @returns The contents of the file as a string, or undefined if the file does not exist.
+     */
+    async readFile(filePath) {
+        try {
+            await access(filePath);
+        }
+        catch (err) {
+            // If the file does not exist, return undefined
+            return undefined;
+        }
+        return await readFile(filePath, { encoding: 'utf8' });
+    }
+    async deleteFile(filePath) {
+        try {
+            await unlink(filePath);
+        }
+        catch (err) {
+            if (err.code !== 'ENOENT') {
+                throw err;
+            }
+        }
+    }
+    async deleteDirectory(dirPath) {
+        try {
+            await rm(dirPath, { recursive: true, force: true });
+        }
+        catch (err) {
+            if (err.code !== 'ENOENT') {
+                throw err;
+            }
+        }
+    }
+    /**
+     * List the contents of a directory. Will return the names of the subdirectories and files without the full path.
+     *
+     * @param dirPath The path to the directory to list
+     * @returns An array of strings representing the names of the subdirectories or files in the specified directory.
+     */
+    async listDirectory(dirPath) {
+        try {
+            await access(dirPath);
+        }
+        catch (err) {
+            // If the directory does not exist, return an empty array
+            return [];
+        }
+        try {
+            const entries = await readdir(dirPath, { withFileTypes: true });
+            // return entries.filter((entry) => entry.isDirectory()).map((entry) => entry.name)
+            return entries.map((e) => e.name);
+        }
+        catch (err) {
+            if (err.code === 'ENOENT') {
+                return [];
+            }
+            throw err;
+        }
+    }
+}
+//# sourceMappingURL=FileSystemAdapter.js.map

package/dist/esm/persistence/file/FileSystemAdapter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"FileSystemAdapter.js","sourceRoot":"","sources":["../../../../src/persistence/file/FileSystemAdapter.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,aAAa,CAAA;AACrF,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAA;AAE9B,MAAM,OAAO,iBAAiB;IAC5B,KAAK,CAAC,SAAS,CAAC,QAAgB,EAAE,IAAqB;QACrD,8BAA8B;QAC9B,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAA;QAC7B,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;QACrC,MAAM,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAA;IACjC,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,QAAQ,CAAC,QAAgB;QAC7B,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAA;QACxB,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,+CAA+C;YAC/C,OAAO,SAAS,CAAA;QAClB,CAAC;QACD,OAAO,MAAM,QAAQ,CAAC,QAAQ,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAA;IACvD,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,QAAgB;QAC/B,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAA;QACxB,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC1B,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,eAAe,CAAC,OAAe;QACnC,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAA;QACrD,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC1B,MAAM,GAAG,CAAA;YACX,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,aAAa,CAAC,OAAe;QACjC,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,OAAO,CAAC,CAAA;QACvB,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,yDAAyD;YACzD,OAAO,EAAE,CAAA;QACX,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAA;YAC/D,mFAAmF;YACnF,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;QACnC,CAAC;QAAC,OAAO,GAAQ,EAAE,CAAC;YAClB,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC1B,OAAO,EAAE,CAAA;YACX,CAAC;YACD,MAAM,GAAG,CAAA;QACX,CAAC;IACH,CAAC;CACF"}

package/dist/esm/persistence/file/FileSystemAwsIamStore.d.ts

@@ -0,0 +1,19 @@
+import { AwsIamStore, ResourceTypeParts } from '../AwsIamStore.js';
+import { FileSystemAdapter } from './FileSystemAdapter.js';
+export declare class FileSystemAwsIamStore implements AwsIamStore {
+    private readonly baseFolder;
+    private readonly partition;
+    private fsAdapter;
+    constructor(baseFolder: string, partition: string, fsAdapter?: FileSystemAdapter);
+    private accountPath;
+    private buildResourcePath;
+    private buildMetadataPath;
+    saveResourceMetadata(accountId: string, arn: string, metadataType: string, data: string | any): Promise<void>;
+    listResourceMetadata(accountId: string, arn: string): Promise<string[]>;
+    getResourceMetadata<T, D extends T>(accountId: string, arn: string, metadataType: string, defaultValue?: D): Promise<D extends undefined ? T | undefined : T>;
+    deleteResourceMetadata(accountId: string, arn: string, metadataType: string): Promise<void>;
+    deleteResource(accountId: string, arn: string): Promise<void>;
+    listResources(accountId: string, options: ResourceTypeParts): Promise<string[]>;
+    syncResourceList(accountId: string, options: ResourceTypeParts, desiredResources: string[]): Promise<void>;
+}
+//# sourceMappingURL=FileSystemAwsIamStore.d.ts.map

package/dist/esm/persistence/file/FileSystemAwsIamStore.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"FileSystemAwsIamStore.d.ts","sourceRoot":"","sources":["../../../../src/persistence/file/FileSystemAwsIamStore.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAA;AAElE,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAA;AAE1D,qBAAa,qBAAsB,YAAW,WAAW;IAIrD,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,SAAS;IAJ5B,OAAO,CAAC,SAAS,CAAmB;gBAGjB,UAAU,EAAE,MAAM,EAClB,SAAS,EAAE,MAAM,EAClC,SAAS,CAAC,EAAE,iBAAiB;IAS/B,OAAO,CAAC,WAAW;IAInB,OAAO,CAAC,iBAAiB;IAIzB,OAAO,CAAC,iBAAiB;IAKnB,oBAAoB,CACxB,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,EACX,YAAY,EAAE,MAAM,EACpB,IAAI,EAAE,MAAM,GAAG,GAAG,GACjB,OAAO,CAAC,IAAI,CAAC;IAsBV,oBAAoB,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAcvE,mBAAmB,CAAC,CAAC,EAAE,CAAC,SAAS,CAAC,EACtC,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,EACX,YAAY,EAAE,MAAM,EACpB,YAAY,CAAC,EAAE,CAAC,GACf,OAAO,CAAC,CAAC,SAAS,SAAS,GAAG,CAAC,GAAG,SAAS,GAAG,CAAC,CAAC;IAS7C,sBAAsB,CAC1B,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,EACX,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,IAAI,CAAC;IAKV,cAAc,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAK7D,aAAa,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAS/E,gBAAgB,CACpB,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,iBAAiB,EAC1B,gBAAgB,EAAE,MAAM,EAAE,GACzB,OAAO,CAAC,IAAI,CAAC;CA4BjB"}

package/dist/esm/persistence/file/FileSystemAwsIamStore.js

@@ -0,0 +1,89 @@
+import { join, sep } from 'path';
+import { resourcePrefix, resourceTypePrefix } from '../util.js';
+import { FileSystemAdapter } from './FileSystemAdapter.js';
+export class FileSystemAwsIamStore {
+    constructor(baseFolder, partition, fsAdapter) {
+        this.baseFolder = baseFolder;
+        this.partition = partition;
+        console.log(`Initializing FileSystemAwsIamStore with baseFolder: ${baseFolder}, partition: ${partition}`);
+        this.baseFolder = join(baseFolder, 'aws', partition);
+        this.fsAdapter = fsAdapter || new FileSystemAdapter();
+    }
+    accountPath(accountId) {
+        return join(this.baseFolder, 'accounts', accountId).toLowerCase();
+    }
+    buildResourcePath(accountId, arn) {
+        return resourcePrefix(this.accountPath(accountId), arn, sep).toLowerCase();
+    }
+    buildMetadataPath(accountId, arn, metadataType) {
+        const prefix = this.buildResourcePath(accountId, arn);
+        return join(prefix, `${metadataType}.json`).toLowerCase();
+    }
+    async saveResourceMetadata(accountId, arn, metadataType, data) {
+        if (typeof data === 'string') {
+            data = data.trim();
+        }
+        if (data === undefined ||
+            data === null ||
+            data === '' ||
+            data === '{}' ||
+            data === '[]' ||
+            (Array.isArray(data) && data.length === 0) ||
+            (typeof data === 'object' && Object.keys(data).length === 0)) {
+            await this.deleteResourceMetadata(accountId, arn, metadataType);
+            return;
+        }
+        const content = typeof data === 'string' ? data : JSON.stringify(data, null, 2);
+        const filePath = this.buildMetadataPath(accountId, arn, metadataType);
+        await this.fsAdapter.writeFile(filePath, content);
+    }
+    async listResourceMetadata(accountId, arn) {
+        // List all files in the resource directory to find metadata types
+        const dirPath = this.buildResourcePath(accountId, arn);
+        // console.log(dirPath)
+        const files = await this.fsAdapter.listDirectory(dirPath);
+        // console.log(files)
+        // Filter for files that match the pattern of *.json
+        const metadataTypes = files
+            .filter((file) => file.endsWith('.json'))
+            .map((file) => file.replace('.json', '')); // Remove the .json extension
+        return metadataTypes;
+    }
+    async getResourceMetadata(accountId, arn, metadataType, defaultValue) {
+        const filePath = this.buildMetadataPath(accountId, arn, metadataType);
+        const contents = await this.fsAdapter.readFile(filePath);
+        if (!contents) {
+            return defaultValue;
+        }
+        return JSON.parse(contents);
+    }
+    async deleteResourceMetadata(accountId, arn, metadataType) {
+        const filePath = this.buildMetadataPath(accountId, arn, metadataType);
+        await this.fsAdapter.deleteFile(filePath);
+    }
+    async deleteResource(accountId, arn) {
+        const dirPath = this.buildResourcePath(accountId, arn);
+        await this.fsAdapter.deleteDirectory(dirPath);
+    }
+    async listResources(accountId, options) {
+        const dirPath = resourceTypePrefix(this.accountPath(accountId), { ...options, partition: this.partition }, sep);
+        return await this.fsAdapter.listDirectory(dirPath);
+    }
+    async syncResourceList(accountId, options, desiredResources) {
+        const dirPath = resourceTypePrefix(this.accountPath(accountId), { ...options, partition: this.partition }, sep);
+        const existingSubDirs = (await this.fsAdapter.listDirectory(dirPath)).map((subDir) => join(dirPath, subDir));
+        const desiredDirs = new Set(desiredResources.map((desiredArn) => {
+            const resourceDir = this.buildResourcePath(accountId, desiredArn);
+            return resourceDir;
+        }));
+        // console.log(desiredDirs)
+        // Identify resources that exist in storage but not in desiredResources.
+        const resourcesToDelete = existingSubDirs.filter((s) => !desiredDirs.has(s));
+        for (const resource of resourcesToDelete) {
+            // const resourceDir = join(dirPath, resource)
+            // console.log('Deleting resource directory:', resource)
+            await this.fsAdapter.deleteDirectory(resource);
+        }
+    }
+}
+//# sourceMappingURL=FileSystemAwsIamStore.js.map

package/dist/esm/persistence/file/FileSystemAwsIamStore.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"FileSystemAwsIamStore.js","sourceRoot":"","sources":["../../../../src/persistence/file/FileSystemAwsIamStore.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,MAAM,MAAM,CAAA;AAEhC,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAA;AAC/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAA;AAE1D,MAAM,OAAO,qBAAqB;IAGhC,YACmB,UAAkB,EAClB,SAAiB,EAClC,SAA6B;QAFZ,eAAU,GAAV,UAAU,CAAQ;QAClB,cAAS,GAAT,SAAS,CAAQ;QAGlC,OAAO,CAAC,GAAG,CACT,uDAAuD,UAAU,gBAAgB,SAAS,EAAE,CAC7F,CAAA;QACD,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE,KAAK,EAAE,SAAS,CAAC,CAAA;QACpD,IAAI,CAAC,SAAS,GAAG,SAAS,IAAI,IAAI,iBAAiB,EAAE,CAAA;IACvD,CAAC;IAEO,WAAW,CAAC,SAAiB;QACnC,OAAO,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC,WAAW,EAAE,CAAA;IACnE,CAAC;IAEO,iBAAiB,CAAC,SAAiB,EAAE,GAAW;QACtD,OAAO,cAAc,CAAC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,CAAA;IAC5E,CAAC;IAEO,iBAAiB,CAAC,SAAiB,EAAE,GAAW,EAAE,YAAoB;QAC5E,MAAM,MAAM,GAAG,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;QACrD,OAAO,IAAI,CAAC,MAAM,EAAE,GAAG,YAAY,OAAO,CAAC,CAAC,WAAW,EAAE,CAAA;IAC3D,CAAC;IAED,KAAK,CAAC,oBAAoB,CACxB,SAAiB,EACjB,GAAW,EACX,YAAoB,EACpB,IAAkB;QAElB,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;QACpB,CAAC;QACD,IACE,IAAI,KAAK,SAAS;YAClB,IAAI,KAAK,IAAI;YACb,IAAI,KAAK,EAAE;YACX,IAAI,KAAK,IAAI;YACb,IAAI,KAAK,IAAI;YACb,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,CAAC;YAC1C,CAAC,OAAO,IAAI,KAAK,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,EAC5D,CAAC;YACD,MAAM,IAAI,CAAC,sBAAsB,CAAC,SAAS,EAAE,GAAG,EAAE,YAAY,CAAC,CAAA;YAC/D,OAAM;QACR,CAAC;QAED,MAAM,OAAO,GAAG,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;QAC/E,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,GAAG,EAAE,YAAY,CAAC,CAAA;QACrE,MAAM,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;IACnD,CAAC;IAED,KAAK,CAAC,oBAAoB,CAAC,SAAiB,EAAE,GAAW;QACvD,kEAAkE;QAClE,MAAM,OAAO,GAAG,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;QACtD,uBAAuB;QACvB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;QACzD,qBAAqB;QACrB,oDAAoD;QACpD,MAAM,aAAa,GAAG,KAAK;aACxB,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;aACxC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAA,CAAC,6BAA6B;QAEzE,OAAO,aAAa,CAAA;IACtB,CAAC;IAED,KAAK,CAAC,mBAAmB,CACvB,SAAiB,EACjB,GAAW,EACX,YAAoB,EACpB,YAAgB;QAEhB,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,GAAG,EAAE,YAAY,CAAC,CAAA;QACrE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QACxD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,YAAuD,CAAA;QAChE,CAAC;QACD,OAAO,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAM,CAAA;IAClC,CAAC;IAED,KAAK,CAAC,sBAAsB,CAC1B,SAAiB,EACjB,GAAW,EACX,YAAoB;QAEpB,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,GAAG,EAAE,YAAY,CAAC,CAAA;QACrE,MAAM,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAA;IAC3C,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,SAAiB,EAAE,GAAW;QACjD,MAAM,OAAO,GAAG,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;QACtD,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,OAAO,CAAC,CAAA;IAC/C,CAAC;IAED,KAAK,CAAC,aAAa,CAAC,SAAiB,EAAE,OAA0B;QAC/D,MAAM,OAAO,GAAG,kBAAkB,CAChC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,EAC3B,EAAE,GAAG,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,EACzC,GAAG,CACJ,CAAA;QACD,OAAO,MAAM,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,OAAO,CAAC,CAAA;IACpD,CAAC;IAED,KAAK,CAAC,gBAAgB,CACpB,SAAiB,EACjB,OAA0B,EAC1B,gBAA0B;QAE1B,MAAM,OAAO,GAAG,kBAAkB,CAChC,IAAI,CAAC,WAAW,CAAC,SAAS,CAAC,EAC3B,EAAE,GAAG,OAAO,EAAE,SAAS,EAAE,IAAI,CAAC,SAAS,EAAE,EACzC,GAAG,CACJ,CAAA;QAED,MAAM,eAAe,GAAG,CAAC,MAAM,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CACnF,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CACtB,CAAA;QAED,MAAM,WAAW,GAAG,IAAI,GAAG,CACzB,gBAAgB,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE;YAClC,MAAM,WAAW,GAAG,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;YACjE,OAAO,WAAW,CAAA;QACpB,CAAC,CAAC,CACH,CAAA;QAED,2BAA2B;QAC3B,wEAAwE;QACxE,MAAM,iBAAiB,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QAE5E,KAAK,MAAM,QAAQ,IAAI,iBAAiB,EAAE,CAAC;YACzC,8CAA8C;YAC9C,wDAAwD;YACxD,MAAM,IAAI,CAAC,SAAS,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAA;QAChD,CAAC;IACH,CAAC;CACF"}

package/dist/esm/persistence/util.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Generate a resource prefix given a starting path, a resource ARN, and a separator.
+ * The function uses splitArnParts to get the parts of the ARN and then joins each non-empty part
+ * with the provided separator. The last segment (resourcePath) is URL encoded.
+ *
+ * @param startingPath - The starting path (e.g. a base folder)
+ * @param resourceArn - The full resource ARN.
+ * @param separator - The separator to use (e.g. '/' or '-').
+ * @returns A string that represents the resource prefix.
+ */
+export declare function resourcePrefix(startingPath: string, resourceArn: string, separator: string): string;
+/**
+ * Generate a resource type prefix based on the provided starting path and resource type parts.
+ *
+ * @param startingPath - The starting path (e.g. a base folder)
+ * @param parts - An object containing the components of the resource type
+ * @param separator - the separator to use for joining the parts. This could be '/' or any other string.
+ * @returns A string that represents the resource type prefix.
+ */
+export declare function resourceTypePrefix(startingPath: string, parts: {
+    partition: string;
+    account?: string;
+    service: string;
+    region?: string;
+    resourceType?: string;
+}, separator: string): string;
+export declare function joinPathParts(parts: (string | undefined)[], separator: string): string;
+//# sourceMappingURL=util.d.ts.map

package/dist/esm/persistence/util.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../../src/persistence/util.ts"],"names":[],"mappings":"AAEA;;;;;;;;;GASG;AACH,wBAAgB,cAAc,CAC5B,YAAY,EAAE,MAAM,EACpB,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,GAChB,MAAM,CAeR;AAED;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAChC,YAAY,EAAE,MAAM,EACpB,KAAK,EAAE;IACL,SAAS,EAAE,MAAM,CAAA;IACjB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB,EACD,SAAS,EAAE,MAAM,GAChB,MAAM,CAKR;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,CAAC,MAAM,GAAG,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,MAAM,GAAG,MAAM,CAKtF"}

package/dist/esm/persistence/util.js

@@ -0,0 +1,41 @@
+import { splitArnParts } from '../utils/arn.js';
+/**
+ * Generate a resource prefix given a starting path, a resource ARN, and a separator.
+ * The function uses splitArnParts to get the parts of the ARN and then joins each non-empty part
+ * with the provided separator. The last segment (resourcePath) is URL encoded.
+ *
+ * @param startingPath - The starting path (e.g. a base folder)
+ * @param resourceArn - The full resource ARN.
+ * @param separator - The separator to use (e.g. '/' or '-').
+ * @returns A string that represents the resource prefix.
+ */
+export function resourcePrefix(startingPath, resourceArn, separator) {
+    const parts = splitArnParts(resourceArn);
+    return joinPathParts([
+        startingPath,
+        parts.partition,
+        parts.service,
+        parts.region,
+        parts.accountId,
+        parts.resourceType,
+        parts.resourcePath ? encodeURIComponent(parts.resourcePath.trim()) : undefined
+    ], separator);
+}
+/**
+ * Generate a resource type prefix based on the provided starting path and resource type parts.
+ *
+ * @param startingPath - The starting path (e.g. a base folder)
+ * @param parts - An object containing the components of the resource type
+ * @param separator - the separator to use for joining the parts. This could be '/' or any other string.
+ * @returns A string that represents the resource type prefix.
+ */
+export function resourceTypePrefix(startingPath, parts, separator) {
+    return joinPathParts([startingPath, parts.partition, parts.service, parts.region, parts.account, parts.resourceType], separator);
+}
+export function joinPathParts(parts, separator) {
+    // Filter out undefined or empty strings
+    const filteredParts = parts.filter((part) => part !== undefined && part.trim() !== '');
+    // Join the remaining parts with a '/'
+    return filteredParts.join(separator);
+}
+//# sourceMappingURL=util.js.map

package/dist/esm/persistence/util.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"util.js","sourceRoot":"","sources":["../../../src/persistence/util.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AAE/C;;;;;;;;;GASG;AACH,MAAM,UAAU,cAAc,CAC5B,YAAoB,EACpB,WAAmB,EACnB,SAAiB;IAEjB,MAAM,KAAK,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;IAExC,OAAO,aAAa,CAClB;QACE,YAAY;QACZ,KAAK,CAAC,SAAS;QACf,KAAK,CAAC,OAAO;QACb,KAAK,CAAC,MAAM;QACZ,KAAK,CAAC,SAAS;QACf,KAAK,CAAC,YAAY;QAClB,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,kBAAkB,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;KAC/E,EACD,SAAS,CACV,CAAA;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,kBAAkB,CAChC,YAAoB,EACpB,KAMC,EACD,SAAiB;IAEjB,OAAO,aAAa,CAClB,CAAC,YAAY,EAAE,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,YAAY,CAAC,EAC/F,SAAS,CACV,CAAA;AACH,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,KAA6B,EAAE,SAAiB;IAC5E,wCAAwC;IACxC,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,SAAS,IAAI,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAA;IACtF,sCAAsC;IACtC,OAAO,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;AACtC,CAAC"}

package/dist/esm/regions.d.ts

@@ -0,0 +1,3 @@
+import { AwsCredentialIdentityWithMetaData } from './aws/auth.js';
+export declare function getEnabledRegions(credentials: AwsCredentialIdentityWithMetaData): Promise<string[]>;
+//# sourceMappingURL=regions.d.ts.map

package/dist/esm/regions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"regions.d.ts","sourceRoot":"","sources":["../../src/regions.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,iCAAiC,EAAE,MAAM,eAAe,CAAA;AAGjE,wBAAsB,iBAAiB,CACrC,WAAW,EAAE,iCAAiC,GAC7C,OAAO,CAAC,MAAM,EAAE,CAAC,CAUnB"}

package/dist/esm/regions.js

@@ -0,0 +1,12 @@
+import { AccountClient, ListRegionsCommand, RegionOptStatus } from '@aws-sdk/client-account';
+import { isDefined } from './utils/types.js';
+export async function getEnabledRegions(credentials) {
+    const accountClient = new AccountClient({ credentials });
+    const getRegionsCommand = new ListRegionsCommand({
+        RegionOptStatusContains: [RegionOptStatus.ENABLED, RegionOptStatus.ENABLED_BY_DEFAULT]
+    });
+    const result = await accountClient.send(getRegionsCommand);
+    const regions = result.Regions?.map((r) => r.RegionName).filter(isDefined) || [];
+    return regions;
+}
+//# sourceMappingURL=regions.js.map

package/dist/esm/regions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"regions.js","sourceRoot":"","sources":["../../src/regions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,kBAAkB,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAA;AAE5F,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAA;AAE5C,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,WAA8C;IAE9C,MAAM,aAAa,GAAG,IAAI,aAAa,CAAC,EAAE,WAAW,EAAE,CAAC,CAAA;IACxD,MAAM,iBAAiB,GAAG,IAAI,kBAAkB,CAAC;QAC/C,uBAAuB,EAAE,CAAC,eAAe,CAAC,OAAO,EAAE,eAAe,CAAC,kBAAkB,CAAC;KACvF,CAAC,CAAA;IAEF,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;IAC1D,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAW,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,EAAE,CAAA;IAEjF,OAAO,OAAO,CAAA;AAChB,CAAC"}

package/dist/esm/services.d.ts

@@ -0,0 +1,3 @@
+export type AwsService = 'iam' | 'lambda';
+export declare const allServices: AwsService[];
+//# sourceMappingURL=services.d.ts.map

package/dist/esm/services.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"services.d.ts","sourceRoot":"","sources":["../../src/services.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,UAAU,GAAG,KAAK,GAAG,QAAQ,CAAA;AAEzC,eAAO,MAAM,WAAW,EAAE,UAAU,EAAsB,CAAA"}

package/dist/esm/services.js

@@ -0,0 +1,2 @@
+export const allServices = ['iam', 'lambda'];
+//# sourceMappingURL=services.js.map

package/dist/esm/services.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"services.js","sourceRoot":"","sources":["../../src/services.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,WAAW,GAAiB,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAA"}

package/dist/esm/syncs/iam/authorizationDetails.d.ts

@@ -0,0 +1,104 @@
+import { AccessKeyLastUsed, AccessKeyMetadata, GroupDetail, IAMClient, LoginProfile, MFADevice, ManagedPolicyDetail, RoleDetail, Tag, User, UserDetail } from '@aws-sdk/client-iam';
+import { Sync } from '../sync.js';
+interface AccessKeyWithLastUsed extends AccessKeyMetadata {
+    lastUsed?: AccessKeyLastUsed;
+}
+export declare const AuthorizationDetailsSync: Sync;
+/**
+ * Get the access keys for an IAM user.
+ *
+ * @param region The region to use for the API call
+ * @param credentials The credentials to use for the API call
+ * @param userName The name of the user to lookup the access keys for
+ * @returns Returns a list of access keys for the user. Will return an empty array if there are no access keys
+ */
+export declare function getAccessKeysForUser(client: IAMClient, userName: string): Promise<AccessKeyWithLastUsed[]>;
+/**
+ * Get the login profile for an IAM user if it exists.
+ *
+ * @param region The region to use for the API call
+ * @param credentials The credentials to use for the API call
+ * @param userName The name of the user to lookup the login profile for
+ * @returns Returns the login profile for the user if it exists. Otherwise returns undefined
+ */
+export declare function getLoginProfileForUser(client: IAMClient, userName: string): Promise<LoginProfile | undefined>;
+/**
+ * Get the MFA devices for an IAM user.
+ *
+ * @param region The region to use for the API call
+ * @param credentials The credentials to use for the API call
+ * @param userName The name of the user to lookup the MFA devices for
+ * @returns Returns a list of MFA devices for the user. Will return an empty array if there are no MFA devices.
+ */
+export declare function getMfaDevicesForUser(client: IAMClient, userName: string): Promise<MFADevice[]>;
+/**
+ * Parses a username out of an ARN. Does not validate the ARN is a valid IAM user ARN.
+ *
+ * @param arn The arn to parse the username out of
+ * @returns Returns the username from the ARN
+ */
+export declare function parseUsernameFromArn(arn: string): string;
+/**
+ * Get all IAM users in an account.
+ *
+ * @param region The region to use for the API call
+ * @param credentials The credentials to use for the API call
+ * @returns Returns a list of all IAM users in the account
+ */
+export declare function getAllUsers(client: IAMClient): Promise<User[]>;
+export interface UserWithMetadata extends User {
+    metadata: {
+        hasConsoleAccess: boolean;
+        createdAt: Date;
+        passwordChanged?: Date;
+        passwordLastUsed?: Date;
+        mfaEnabled: boolean;
+        numberAccessKeys: number;
+        oldestAccessKey?: Date;
+        accessKeyLastUsed?: Date;
+        accessKeys?: AccessKeyWithLastUsed[];
+        managedPolicies: string[];
+        inlinePolicies: any[];
+        groups: string[];
+    };
+}
+/**
+ * Get all IAM users in an account with metadata about each user.
+ *
+ * @param region The region to use for the API call
+ * @param credentials The credentials to use for the API call
+ * @returns Returns all users for the account with metadata about each user
+ */
+export declare function getAllUsersWithMetadata(client: IAMClient): Promise<UserWithMetadata[]>;
+interface ManagedPolicyDetailWithExtraData extends ManagedPolicyDetail {
+    Tags?: Tag[];
+}
+/**
+ * Return the results of the Authorization Details call for this account.
+ * Excludes users and AWS managed policies.
+ *
+ * @param credentials The credentials to use for the API call
+ * @returns Returns the results of the Authorization Details call for this account
+ */
+export declare function getAuthorizationDetails(client: IAMClient): Promise<{
+    groups: GroupDetail[];
+    roles: RoleDetail[];
+    policies: ManagedPolicyDetailWithExtraData[];
+    awsManagedPolicies: ManagedPolicyDetail[];
+    users: UserDetail[];
+}>;
+interface AttachedPolicy {
+    name: string;
+    document: any;
+}
+/**
+ * Gets the policies that are attached directly to a role. Does not include managed policies.
+ *
+ * @param credentials The credentials to use for the API call
+ * @param roleName The name of the role to get the policies for
+ * @returns Returns the policies that are attached directly to the role
+ */
+export declare function getPoliciesAttachedDirectlyToRole(client: IAMClient, roleName: string): Promise<AttachedPolicy[]>;
+export declare function getManagedPoliciesAttachedToRole(client: IAMClient, roleName: string): Promise<import("@aws-sdk/client-iam").AttachedPolicy[]>;
+export {};
+//# sourceMappingURL=authorizationDetails.d.ts.map

package/dist/esm/syncs/iam/authorizationDetails.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"authorizationDetails.d.ts","sourceRoot":"","sources":["../../../../src/syncs/iam/authorizationDetails.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,iBAAiB,EACjB,iBAAiB,EAOjB,WAAW,EACX,SAAS,EAUT,YAAY,EACZ,SAAS,EACT,mBAAmB,EACnB,UAAU,EACV,GAAG,EACH,IAAI,EACJ,UAAU,EACX,MAAM,qBAAqB,CAAA;AAM5B,OAAO,EAAE,IAAI,EAAY,MAAM,YAAY,CAAA;AAE3C,UAAU,qBAAsB,SAAQ,iBAAiB;IACvD,QAAQ,CAAC,EAAE,iBAAiB,CAAA;CAC7B;AAED,eAAO,MAAM,wBAAwB,EAAE,IAwJtC,CAAA;AAED;;;;;;;GAOG;AACH,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,SAAS,EACjB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,qBAAqB,EAAE,CAAC,CAsBlC;AAED;;;;;;;GAOG;AACH,wBAAsB,sBAAsB,CAC1C,MAAM,EAAE,SAAS,EACjB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,YAAY,GAAG,SAAS,CAAC,CAOnC;AAED;;;;;;;GAOG;AACH,wBAAsB,oBAAoB,CACxC,MAAM,EAAE,SAAS,EACjB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,SAAS,EAAE,CAAC,CAQtB;AAED;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAExD;AAED;;;;;;GAMG;AACH,wBAAsB,WAAW,CAAC,MAAM,EAAE,SAAS,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,CAepE;AAED,MAAM,WAAW,gBAAiB,SAAQ,IAAI;IAC5C,QAAQ,EAAE;QACR,gBAAgB,EAAE,OAAO,CAAA;QACzB,SAAS,EAAE,IAAI,CAAA;QACf,eAAe,CAAC,EAAE,IAAI,CAAA;QACtB,gBAAgB,CAAC,EAAE,IAAI,CAAA;QACvB,UAAU,EAAE,OAAO,CAAA;QACnB,gBAAgB,EAAE,MAAM,CAAA;QACxB,eAAe,CAAC,EAAE,IAAI,CAAA;QACtB,iBAAiB,CAAC,EAAE,IAAI,CAAA;QACxB,UAAU,CAAC,EAAE,qBAAqB,EAAE,CAAA;QACpC,eAAe,EAAE,MAAM,EAAE,CAAA;QACzB,cAAc,EAAE,GAAG,EAAE,CAAA;QACrB,MAAM,EAAE,MAAM,EAAE,CAAA;KACjB,CAAA;CACF;AAED;;;;;;GAMG;AACH,wBAAsB,uBAAuB,CAAC,MAAM,EAAE,SAAS,GAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAI5F;AAuDD,UAAU,gCAAiC,SAAQ,mBAAmB;IACpE,IAAI,CAAC,EAAE,GAAG,EAAE,CAAA;CACb;AAED;;;;;;GAMG;AACH,wBAAsB,uBAAuB,CAAC,MAAM,EAAE,SAAS,GAAG,OAAO,CAAC;IACxE,MAAM,EAAE,WAAW,EAAE,CAAA;IACrB,KAAK,EAAE,UAAU,EAAE,CAAA;IACnB,QAAQ,EAAE,gCAAgC,EAAE,CAAA;IAC5C,kBAAkB,EAAE,mBAAmB,EAAE,CAAA;IACzC,KAAK,EAAE,UAAU,EAAE,CAAA;CACpB,CAAC,CA8CD;AAqBD,UAAU,cAAc;IACtB,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,GAAG,CAAA;CACd;AAED;;;;;;GAMG;AACH,wBAAsB,iCAAiC,CACrD,MAAM,EAAE,SAAS,EACjB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,cAAc,EAAE,CAAC,CAiB3B;AAED,wBAAsB,gCAAgC,CAAC,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,2DAMzF"}