@cloud-copilot/iam-collect 0.1.67 → 0.1.69
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -0
- package/dist/cjs/indexing/indexMap.d.ts.map +1 -1
- package/dist/cjs/indexing/indexMap.js +2 -0
- package/dist/cjs/indexing/indexMap.js.map +1 -1
- package/dist/cjs/indexing/indexers/iamPrincipalsToTrustPolicies.d.ts +7 -0
- package/dist/cjs/indexing/indexers/iamPrincipalsToTrustPolicies.d.ts.map +1 -0
- package/dist/cjs/indexing/indexers/iamPrincipalsToTrustPolicies.js +59 -0
- package/dist/cjs/indexing/indexers/iamPrincipalsToTrustPolicies.js.map +1 -0
- package/dist/cjs/syncs/lambda/lambda.d.ts +3 -1
- package/dist/cjs/syncs/lambda/lambda.d.ts.map +1 -1
- package/dist/cjs/syncs/lambda/lambda.js +46 -1
- package/dist/cjs/syncs/lambda/lambda.js.map +1 -1
- package/dist/cjs/syncs/sync.d.ts +11 -0
- package/dist/cjs/syncs/sync.d.ts.map +1 -1
- package/dist/cjs/syncs/sync.js +11 -0
- package/dist/cjs/syncs/sync.js.map +1 -1
- package/dist/cjs/syncs/syncMap.d.ts.map +1 -1
- package/dist/cjs/syncs/syncMap.js +1 -0
- package/dist/cjs/syncs/syncMap.js.map +1 -1
- package/dist/esm/indexing/indexMap.d.ts.map +1 -1
- package/dist/esm/indexing/indexMap.js +2 -0
- package/dist/esm/indexing/indexMap.js.map +1 -1
- package/dist/esm/indexing/indexers/iamPrincipalsToTrustPolicies.d.ts +7 -0
- package/dist/esm/indexing/indexers/iamPrincipalsToTrustPolicies.d.ts.map +1 -0
- package/dist/esm/indexing/indexers/iamPrincipalsToTrustPolicies.js +56 -0
- package/dist/esm/indexing/indexers/iamPrincipalsToTrustPolicies.js.map +1 -0
- package/dist/esm/syncs/lambda/lambda.d.ts +3 -1
- package/dist/esm/syncs/lambda/lambda.d.ts.map +1 -1
- package/dist/esm/syncs/lambda/lambda.js +47 -2
- package/dist/esm/syncs/lambda/lambda.js.map +1 -1
- package/dist/esm/syncs/sync.d.ts +11 -0
- package/dist/esm/syncs/sync.d.ts.map +1 -1
- package/dist/esm/syncs/sync.js +11 -0
- package/dist/esm/syncs/sync.js.map +1 -1
- package/dist/esm/syncs/syncMap.d.ts.map +1 -1
- package/dist/esm/syncs/syncMap.js +2 -1
- package/dist/esm/syncs/syncMap.js.map +1 -1
- package/package.json +2 -1
package/README.md
CHANGED
|
@@ -124,6 +124,7 @@ This will show you your data that was downloaded. See the [storage docs](docs/St
|
|
|
124
124
|
| glue | Root Catalogs | policy |
|
|
125
125
|
| kms | Keys | id, policy, tags |
|
|
126
126
|
| lambda | Functions | name, role, tags, policy |
|
|
127
|
+
| lambda | Layer Versions | name, arn, version, policy |
|
|
127
128
|
| ram | Shared Resources | arn, resource shares, resource policy |
|
|
128
129
|
| s3 | Access Points | name, bucket, bucket account, policy, block public access configuration, network origin, vpc, alias, endpoints |
|
|
129
130
|
| s3 | Buckets | name, region, tags, policy, block public access configuration, default encryption |
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"indexMap.d.ts","sourceRoot":"","sources":["../../../src/indexing/indexMap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAoB,MAAM,gBAAgB,CAAA;AAC7D,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;
|
|
1
|
+
{"version":3,"file":"indexMap.d.ts","sourceRoot":"","sources":["../../../src/indexing/indexMap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAoB,MAAM,gBAAgB,CAAA;AAC7D,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AAyBtC;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,EAAE,CAE5E"}
|
|
@@ -5,10 +5,12 @@ const services_js_1 = require("../services.js");
|
|
|
5
5
|
const accountOrgs_js_1 = require("./indexers/accountOrgs.js");
|
|
6
6
|
const apigateways_js_1 = require("./indexers/apigateways.js");
|
|
7
7
|
const buckets_js_1 = require("./indexers/buckets.js");
|
|
8
|
+
const iamPrincipalsToTrustPolicies_js_1 = require("./indexers/iamPrincipalsToTrustPolicies.js");
|
|
8
9
|
const vpcEndpoints_js_1 = require("./indexers/vpcEndpoints.js");
|
|
9
10
|
const allIndexers = [
|
|
10
11
|
accountOrgs_js_1.AccountOrganizationIndexer,
|
|
11
12
|
apigateways_js_1.ApiGatewayIndexer,
|
|
13
|
+
iamPrincipalsToTrustPolicies_js_1.IamPrincipalsToTrustPoliciesIndexer,
|
|
12
14
|
buckets_js_1.S3BucketIndexer,
|
|
13
15
|
vpcEndpoints_js_1.VpcEndpointIndexer
|
|
14
16
|
];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"indexMap.js","sourceRoot":"","sources":["../../../src/indexing/indexMap.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"indexMap.js","sourceRoot":"","sources":["../../../src/indexing/indexMap.ts"],"names":[],"mappings":";;AAgCA,sDAEC;AAlCD,gDAA6D;AAE7D,8DAAsE;AACtE,8DAA6D;AAC7D,sDAAuD;AACvD,gGAAgG;AAChG,gEAA+D;AAE/D,MAAM,WAAW,GAAmB;IAClC,2CAA0B;IAC1B,kCAAiB;IACjB,qEAAmC;IACnC,4BAAe;IACf,oCAAkB;CACnB,CAAA;AAED,MAAM,QAAQ,GAAG,IAAI,GAAG,EAA0B,CAAA;AAElD,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,OAAO,GAAG,IAAA,8BAAgB,EAAC,OAAO,CAAC,UAAU,CAAC,CAAA;IACpD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;IAC3B,CAAC;IACD,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;AACtC,CAAC;AAED;;;;;GAKG;AACH,SAAgB,qBAAqB,CAAC,UAAsB;IAC1D,OAAO,QAAQ,CAAC,GAAG,CAAC,IAAA,8BAAgB,EAAC,UAAU,CAAC,CAAC,IAAI,EAAE,CAAA;AACzD,CAAC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { Indexer } from '../indexer.js';
|
|
2
|
+
interface PrincipalsToTrustPoliciesIndex {
|
|
3
|
+
[key: string]: Partial<Record<'principal' | 'notprincipal', Record<string, string[]>>>;
|
|
4
|
+
}
|
|
5
|
+
export declare const IamPrincipalsToTrustPoliciesIndexer: Indexer<PrincipalsToTrustPoliciesIndex>;
|
|
6
|
+
export {};
|
|
7
|
+
//# sourceMappingURL=iamPrincipalsToTrustPolicies.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"iamPrincipalsToTrustPolicies.d.ts","sourceRoot":"","sources":["../../../../src/indexing/indexers/iamPrincipalsToTrustPolicies.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAA;AAEvC,UAAU,8BAA8B;IACtC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,WAAW,GAAG,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,CAAA;CACvF;AAID,eAAO,MAAM,mCAAmC,EAAE,OAAO,CAAC,8BAA8B,CAiCvF,CAAA"}
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.IamPrincipalsToTrustPoliciesIndexer = void 0;
|
|
4
|
+
const iam_policy_1 = require("@cloud-copilot/iam-policy");
|
|
5
|
+
const indexName = 'principals-to-trust-policies';
|
|
6
|
+
exports.IamPrincipalsToTrustPoliciesIndexer = {
|
|
7
|
+
awsService: 'iam',
|
|
8
|
+
name: 'principalsToTrustPolicies',
|
|
9
|
+
getCache: async (storage) => {
|
|
10
|
+
const data = await storage.getIndex(indexName, {});
|
|
11
|
+
return data;
|
|
12
|
+
},
|
|
13
|
+
saveCache: async (storage, cache, lockId) => {
|
|
14
|
+
return storage.saveIndex(indexName, cache, lockId);
|
|
15
|
+
},
|
|
16
|
+
updateCache: async (existingCache, accountId, regions, storage) => {
|
|
17
|
+
// Delete any existing record for the account
|
|
18
|
+
existingCache[accountId] = {};
|
|
19
|
+
// Get all the trust policies for the account
|
|
20
|
+
const roles = await storage.findResourceMetadata(accountId, {
|
|
21
|
+
service: 'iam',
|
|
22
|
+
resourceType: 'role',
|
|
23
|
+
account: accountId
|
|
24
|
+
});
|
|
25
|
+
for (const role of roles) {
|
|
26
|
+
const trustPolicy = await storage.getResourceMetadata(accountId, role.arn, 'trust-policy');
|
|
27
|
+
if (trustPolicy) {
|
|
28
|
+
const parsedPolicy = (0, iam_policy_1.loadPolicy)(trustPolicy);
|
|
29
|
+
updateCacheForPolicy(existingCache, accountId, role.arn, parsedPolicy);
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
}
|
|
33
|
+
};
|
|
34
|
+
function updateCacheForPolicy(cache, accountId, roleArn, policy) {
|
|
35
|
+
for (const statement of policy.statements()) {
|
|
36
|
+
if (statement.isAllow()) {
|
|
37
|
+
if (statement.isPrincipalStatement()) {
|
|
38
|
+
for (const principal of statement.principals()) {
|
|
39
|
+
updateCacheForPrincipal(cache, accountId, roleArn, 'principal', principal.value());
|
|
40
|
+
}
|
|
41
|
+
}
|
|
42
|
+
else if (statement.isNotPrincipalStatement()) {
|
|
43
|
+
for (const principal of statement.notPrincipals()) {
|
|
44
|
+
updateCacheForPrincipal(cache, accountId, roleArn, 'notprincipal', principal.value());
|
|
45
|
+
}
|
|
46
|
+
}
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
}
|
|
50
|
+
function updateCacheForPrincipal(cache, accountId, roleArn, type, principal) {
|
|
51
|
+
if (!cache[accountId][type]) {
|
|
52
|
+
cache[accountId][type] = {};
|
|
53
|
+
}
|
|
54
|
+
if (!cache[accountId][type][principal]) {
|
|
55
|
+
cache[accountId][type][principal] = [];
|
|
56
|
+
}
|
|
57
|
+
cache[accountId][type][principal].push(roleArn);
|
|
58
|
+
}
|
|
59
|
+
//# sourceMappingURL=iamPrincipalsToTrustPolicies.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"iamPrincipalsToTrustPolicies.js","sourceRoot":"","sources":["../../../../src/indexing/indexers/iamPrincipalsToTrustPolicies.ts"],"names":[],"mappings":";;;AAAA,0DAA8D;AAO9D,MAAM,SAAS,GAAG,8BAA8B,CAAA;AAEnC,QAAA,mCAAmC,GAA4C;IAC1F,UAAU,EAAE,KAAK;IACjB,IAAI,EAAE,2BAA2B;IACjC,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QAC1B,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAA;QAClD,OAAO,IAAI,CAAA;IACb,CAAC;IACD,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE;QAC1C,OAAO,OAAO,CAAC,SAAS,CAAC,SAAS,EAAE,KAAK,EAAE,MAAM,CAAC,CAAA;IACpD,CAAC;IACD,WAAW,EAAE,KAAK,EAAE,aAAa,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE;QAChE,6CAA6C;QAC7C,aAAa,CAAC,SAAS,CAAC,GAAG,EAAE,CAAA;QAE7B,6CAA6C;QAC7C,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,oBAAoB,CAAkB,SAAS,EAAE;YAC3E,OAAO,EAAE,KAAK;YACd,YAAY,EAAE,MAAM;YACpB,OAAO,EAAE,SAAS;SACnB,CAAC,CAAA;QAEF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,mBAAmB,CACnD,SAAS,EACT,IAAI,CAAC,GAAG,EACR,cAAc,CACf,CAAA;YACD,IAAI,WAAW,EAAE,CAAC;gBAChB,MAAM,YAAY,GAAG,IAAA,uBAAU,EAAC,WAAW,CAAC,CAAA;gBAC5C,oBAAoB,CAAC,aAAa,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;YACxE,CAAC;QACH,CAAC;IACH,CAAC;CACF,CAAA;AAED,SAAS,oBAAoB,CAC3B,KAAqC,EACrC,SAAiB,EACjB,OAAe,EACf,MAAc;IAEd,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;QAC5C,IAAI,SAAS,CAAC,OAAO,EAAE,EAAE,CAAC;YACxB,IAAI,SAAS,CAAC,oBAAoB,EAAE,EAAE,CAAC;gBACrC,KAAK,MAAM,SAAS,IAAI,SAAS,CAAC,UAAU,EAAE,EAAE,CAAC;oBAC/C,uBAAuB,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,CAAA;gBACpF,CAAC;YACH,CAAC;iBAAM,IAAI,SAAS,CAAC,uBAAuB,EAAE,EAAE,CAAC;gBAC/C,KAAK,MAAM,SAAS,IAAI,SAAS,CAAC,aAAa,EAAE,EAAE,CAAC;oBAClD,uBAAuB,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,cAAc,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,CAAA;gBACvF,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,uBAAuB,CAC9B,KAAqC,EACrC,SAAiB,EACjB,OAAe,EACf,IAAkC,EAClC,SAAiB;IAEjB,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5B,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAA;IAC7B,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC;QACvC,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,GAAG,EAAE,CAAA;IACxC,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;AACjD,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"lambda.d.ts","sourceRoot":"","sources":["../../../../src/syncs/lambda/lambda.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"lambda.d.ts","sourceRoot":"","sources":["../../../../src/syncs/lambda/lambda.ts"],"names":[],"mappings":"AAYA,OAAO,EAAc,IAAI,EAAY,MAAM,YAAY,CAAA;AAGvD,eAAO,MAAM,UAAU,MA6CtB,CAAA;AAED,eAAO,MAAM,uBAAuB,EAAE,IA2DrC,CAAA"}
|
|
@@ -1,9 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.LambdaSync = void 0;
|
|
3
|
+
exports.LambdaLayerVersionsSync = exports.LambdaSync = void 0;
|
|
4
4
|
const client_lambda_1 = require("@aws-sdk/client-lambda");
|
|
5
|
+
const ClientPool_js_1 = require("../../aws/ClientPool.js");
|
|
5
6
|
const client_tools_js_1 = require("../../utils/client-tools.js");
|
|
6
7
|
const json_js_1 = require("../../utils/json.js");
|
|
8
|
+
const sync_js_1 = require("../sync.js");
|
|
7
9
|
const typedSync_js_1 = require("../typedSync.js");
|
|
8
10
|
exports.LambdaSync = (0, typedSync_js_1.createTypedSyncOperation)('lambda', 'lambdaFunctions', (0, typedSync_js_1.createResourceSyncType)({
|
|
9
11
|
client: client_lambda_1.LambdaClient,
|
|
@@ -43,4 +45,47 @@ exports.LambdaSync = (0, typedSync_js_1.createTypedSyncOperation)('lambda', 'lam
|
|
|
43
45
|
policy: func.extraFields.policy
|
|
44
46
|
})
|
|
45
47
|
}));
|
|
48
|
+
exports.LambdaLayerVersionsSync = {
|
|
49
|
+
awsService: 'lambda',
|
|
50
|
+
name: 'lambdaLayerVersions',
|
|
51
|
+
execute: async (accountId, region, credentials, storage, endpoint, syncOptions) => {
|
|
52
|
+
const lambdaClient = ClientPool_js_1.AwsClientPool.defaultInstance.client(client_lambda_1.LambdaClient, credentials, region, endpoint);
|
|
53
|
+
const allLayers = await (0, typedSync_js_1.paginateResource)(lambdaClient, client_lambda_1.ListLayersCommand, 'Layers', {
|
|
54
|
+
inputKey: 'Marker',
|
|
55
|
+
outputKey: 'NextMarker'
|
|
56
|
+
});
|
|
57
|
+
const allLayerVersions = [];
|
|
58
|
+
for (const layer of allLayers) {
|
|
59
|
+
const layerVersions = await (0, typedSync_js_1.paginateResource)(lambdaClient, client_lambda_1.ListLayerVersionsCommand, 'LayerVersions', {
|
|
60
|
+
inputKey: 'Marker',
|
|
61
|
+
outputKey: 'NextMarker'
|
|
62
|
+
}, {
|
|
63
|
+
LayerName: layer.LayerName
|
|
64
|
+
});
|
|
65
|
+
for (const version of layerVersions) {
|
|
66
|
+
const policy = await (0, client_tools_js_1.runAndCatch404)(async () => {
|
|
67
|
+
const policyResult = await lambdaClient.send(new client_lambda_1.GetLayerVersionPolicyCommand({
|
|
68
|
+
LayerName: layer.LayerName,
|
|
69
|
+
VersionNumber: version.Version
|
|
70
|
+
}));
|
|
71
|
+
return (0, json_js_1.parseIfPresent)(policyResult.Policy);
|
|
72
|
+
});
|
|
73
|
+
allLayerVersions.push({
|
|
74
|
+
arn: version.LayerVersionArn,
|
|
75
|
+
metadata: {
|
|
76
|
+
name: layer.LayerName,
|
|
77
|
+
version: version.Version
|
|
78
|
+
},
|
|
79
|
+
policy: policy
|
|
80
|
+
});
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
await (0, sync_js_1.syncData)(allLayerVersions, storage, accountId, {
|
|
84
|
+
service: 'lambda',
|
|
85
|
+
resourceType: 'layer',
|
|
86
|
+
account: accountId,
|
|
87
|
+
region: region
|
|
88
|
+
});
|
|
89
|
+
}
|
|
90
|
+
};
|
|
46
91
|
//# sourceMappingURL=lambda.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"lambda.js","sourceRoot":"","sources":["../../../../src/syncs/lambda/lambda.ts"],"names":[],"mappings":";;;AAAA,
|
|
1
|
+
{"version":3,"file":"lambda.js","sourceRoot":"","sources":["../../../../src/syncs/lambda/lambda.ts"],"names":[],"mappings":";;;AAAA,0DAQ+B;AAC/B,2DAAuD;AACvD,iEAA4D;AAC5D,iDAAoD;AACpD,wCAAuD;AACvD,kDAAoG;AAEvF,QAAA,UAAU,GAAG,IAAA,uCAAwB,EAChD,QAAQ,EACR,iBAAiB,EACjB,IAAA,qCAAsB,EAAC;IACrB,MAAM,EAAE,4BAAY;IACpB,OAAO,EAAE,oCAAoB;IAC7B,GAAG,EAAE,WAAW;IAChB,gBAAgB,EAAE;QAChB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,YAAY;KACxB;IACD,iBAAiB,EAAE,CAAC,SAAiB,EAAE,MAAc,EAAE,EAAE,CAAC,CAAC;QACzD,OAAO,EAAE,QAAQ;QACjB,YAAY,EAAE,UAAU;QACxB,OAAO,EAAE,SAAS;QAClB,MAAM,EAAE,MAAM;KACf,CAAC;IACF,WAAW,EAAE;QACX,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;YAC/B,OAAO,IAAA,gCAAc,EAAC,KAAK,IAAI,EAAE;gBAC/B,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,IAAI,CACjC,IAAI,+BAAe,CAAC,EAAE,QAAQ,EAAE,QAAQ,CAAC,WAAW,EAAE,CAAC,CACxD,CAAA;gBACD,OAAO,SAAS,CAAC,IAAI,CAAA;YACvB,CAAC,CAAC,CAAA;QACJ,CAAC;QACD,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;YACjC,OAAO,IAAA,gCAAc,EAAC,KAAK,IAAI,EAAE;gBAC/B,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,IAAI,CACpC,IAAI,gCAAgB,CAAC,EAAE,YAAY,EAAE,QAAQ,CAAC,YAAY,EAAE,CAAC,CAC9D,CAAA;gBACD,OAAO,IAAA,wBAAc,EAAC,YAAY,CAAC,MAAM,CAAC,CAAA;YAC5C,CAAC,CAAC,CAAA;QACJ,CAAC;KACF;IACD,IAAI,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI;IACrC,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,WAAY;IAChC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QAClB,QAAQ,EAAE;YACR,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,YAAY;SACxB;QACD,MAAM,EAAE,IAAI,CAAC,WAAW,CAAC,MAAM;KAChC,CAAC;CACH,CAAC,CACH,CAAA;AAEY,QAAA,uBAAuB,GAAS;IAC3C,UAAU,EAAE,QAAQ;IACpB,IAAI,EAAE,qBAAqB;IAC3B,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,EAAE;QAChF,MAAM,YAAY,GAAG,6BAAa,CAAC,eAAe,CAAC,MAAM,CACvD,4BAAY,EACZ,WAAW,EACX,MAAM,EACN,QAAQ,CACT,CAAA;QACD,MAAM,SAAS,GAAG,MAAM,IAAA,+BAAgB,EAAC,YAAY,EAAE,iCAAiB,EAAE,QAAQ,EAAE;YAClF,QAAQ,EAAE,QAAQ;YAClB,SAAS,EAAE,YAAY;SACxB,CAAC,CAAA;QAEF,MAAM,gBAAgB,GAAiB,EAAE,CAAA;QACzC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,MAAM,aAAa,GAAG,MAAM,IAAA,+BAAgB,EAC1C,YAAY,EACZ,wCAAwB,EACxB,eAAe,EACf;gBACE,QAAQ,EAAE,QAAQ;gBAClB,SAAS,EAAE,YAAY;aACxB,EACD;gBACE,SAAS,EAAE,KAAK,CAAC,SAAS;aAC3B,CACF,CAAA;YAED,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;gBACpC,MAAM,MAAM,GAAG,MAAM,IAAA,gCAAc,EAAC,KAAK,IAAI,EAAE;oBAC7C,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,IAAI,CAC1C,IAAI,4CAA4B,CAAC;wBAC/B,SAAS,EAAE,KAAK,CAAC,SAAU;wBAC3B,aAAa,EAAE,OAAO,CAAC,OAAO;qBAC/B,CAAC,CACH,CAAA;oBACD,OAAO,IAAA,wBAAc,EAAC,YAAY,CAAC,MAAM,CAAC,CAAA;gBAC5C,CAAC,CAAC,CAAA;gBAEF,gBAAgB,CAAC,IAAI,CAAC;oBACpB,GAAG,EAAE,OAAO,CAAC,eAAgB;oBAC7B,QAAQ,EAAE;wBACR,IAAI,EAAE,KAAK,CAAC,SAAS;wBACrB,OAAO,EAAE,OAAO,CAAC,OAAO;qBACzB;oBACD,MAAM,EAAE,MAAM;iBACf,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,MAAM,IAAA,kBAAQ,EAAC,gBAAgB,EAAE,OAAO,EAAE,SAAS,EAAE;YACnD,OAAO,EAAE,QAAQ;YACjB,YAAY,EAAE,OAAO;YACrB,OAAO,EAAE,SAAS;YAClB,MAAM,EAAE,MAAM;SACf,CAAC,CAAA;IACJ,CAAC;CACF,CAAA"}
|
package/dist/cjs/syncs/sync.d.ts
CHANGED
|
@@ -24,5 +24,16 @@ export interface Sync {
|
|
|
24
24
|
export type DataRecord = Record<string, any> & {
|
|
25
25
|
arn: string;
|
|
26
26
|
};
|
|
27
|
+
/**
|
|
28
|
+
* Synchronize the data for a given set of resources.
|
|
29
|
+
* This will:
|
|
30
|
+
* 1. Delete any resources that meet the `resourceTypeParts` and are not in the `records` list.
|
|
31
|
+
* 2. Save all resources that are in the `records`.
|
|
32
|
+
*
|
|
33
|
+
* @param records
|
|
34
|
+
* @param storage
|
|
35
|
+
* @param accountId
|
|
36
|
+
* @param resourceTypeParts
|
|
37
|
+
*/
|
|
27
38
|
export declare function syncData(records: DataRecord[], storage: AwsIamStore, accountId: string, resourceTypeParts: ResourceTypeParts): Promise<void>;
|
|
28
39
|
//# sourceMappingURL=sync.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sync.d.ts","sourceRoot":"","sources":["../../../src/syncs/sync.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iCAAiC,EAAE,MAAM,oBAAoB,CAAA;AACtE,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAA;AAC9E,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AAE3C,MAAM,WAAW,WAAW;CAAG;AAE/B,MAAM,WAAW,IAAI;IACnB;;OAEG;IACH,UAAU,EAAE,UAAU,CAAA;IAEtB;;OAEG;IACH,IAAI,EAAE,MAAM,CAAA;IAEZ;;OAEG;IACH,MAAM,CAAC,EAAE,OAAO,CAAA;IAEhB;;OAEG;IACH,OAAO,CACL,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,iCAAiC,EAC9C,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,MAAM,GAAG,SAAS,EAC5B,WAAW,EAAE,WAAW,GACvB,OAAO,CAAC,IAAI,CAAC,CAAA;CACjB;AAED,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG;IAAE,GAAG,EAAE,MAAM,CAAA;CAAE,CAAA;
|
|
1
|
+
{"version":3,"file":"sync.d.ts","sourceRoot":"","sources":["../../../src/syncs/sync.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iCAAiC,EAAE,MAAM,oBAAoB,CAAA;AACtE,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAA;AAC9E,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AAE3C,MAAM,WAAW,WAAW;CAAG;AAE/B,MAAM,WAAW,IAAI;IACnB;;OAEG;IACH,UAAU,EAAE,UAAU,CAAA;IAEtB;;OAEG;IACH,IAAI,EAAE,MAAM,CAAA;IAEZ;;OAEG;IACH,MAAM,CAAC,EAAE,OAAO,CAAA;IAEhB;;OAEG;IACH,OAAO,CACL,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,iCAAiC,EAC9C,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,MAAM,GAAG,SAAS,EAC5B,WAAW,EAAE,WAAW,GACvB,OAAO,CAAC,IAAI,CAAC,CAAA;CACjB;AAED,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG;IAAE,GAAG,EAAE,MAAM,CAAA;CAAE,CAAA;AAE9D;;;;;;;;;;GAUG;AACH,wBAAsB,QAAQ,CAC5B,OAAO,EAAE,UAAU,EAAE,EACrB,OAAO,EAAE,WAAW,EACpB,SAAS,EAAE,MAAM,EACjB,iBAAiB,EAAE,iBAAiB,iBAarC"}
|
package/dist/cjs/syncs/sync.js
CHANGED
|
@@ -1,6 +1,17 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.syncData = syncData;
|
|
4
|
+
/**
|
|
5
|
+
* Synchronize the data for a given set of resources.
|
|
6
|
+
* This will:
|
|
7
|
+
* 1. Delete any resources that meet the `resourceTypeParts` and are not in the `records` list.
|
|
8
|
+
* 2. Save all resources that are in the `records`.
|
|
9
|
+
*
|
|
10
|
+
* @param records
|
|
11
|
+
* @param storage
|
|
12
|
+
* @param accountId
|
|
13
|
+
* @param resourceTypeParts
|
|
14
|
+
*/
|
|
4
15
|
async function syncData(records, storage, accountId, resourceTypeParts) {
|
|
5
16
|
const allArns = records.map((r) => r.arn);
|
|
6
17
|
await storage.syncResourceList(accountId, resourceTypeParts, allArns);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sync.js","sourceRoot":"","sources":["../../../src/syncs/sync.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"sync.js","sourceRoot":"","sources":["../../../src/syncs/sync.ts"],"names":[],"mappings":";;AAgDA,4BAiBC;AA5BD;;;;;;;;;;GAUG;AACI,KAAK,UAAU,QAAQ,CAC5B,OAAqB,EACrB,OAAoB,EACpB,SAAiB,EACjB,iBAAoC;IAEpC,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IACzC,MAAM,OAAO,CAAC,gBAAgB,CAAC,SAAS,EAAE,iBAAiB,EAAE,OAAO,CAAC,CAAA;IAErE,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAClD,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;gBAClB,SAAQ;YACV,CAAC;YACD,MAAM,OAAO,CAAC,oBAAoB,CAAC,SAAS,EAAE,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;QACvE,CAAC;IACH,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"syncMap.d.ts","sourceRoot":"","sources":["../../../src/syncs/syncMap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAoB,MAAM,gBAAgB,CAAA;AA0B7D,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;
|
|
1
|
+
{"version":3,"file":"syncMap.d.ts","sourceRoot":"","sources":["../../../src/syncs/syncMap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAoB,MAAM,gBAAgB,CAAA;AA0B7D,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAiDhC;;;;;GAKG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,UAAU,GAAG,IAAI,EAAE,CAMpE;AAED;;;;;GAKG;AACH,wBAAgB,0BAA0B,CAAC,OAAO,EAAE,UAAU,GAAG,IAAI,EAAE,CAMtE"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"syncMap.js","sourceRoot":"","sources":["../../../src/syncs/syncMap.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"syncMap.js","sourceRoot":"","sources":["../../../src/syncs/syncMap.ts"],"names":[],"mappings":";;AAiFA,4DAMC;AAQD,gEAMC;AArGD,gDAA6D;AAC7D,0DAAuD;AACvD,8DAA2D;AAC3D,oDAAwD;AACxD,2DAAwD;AACxD,mDAA4C;AAC5C,yDAA6D;AAC7D,oDAAoD;AACpD,2EAAwE;AACxE,qEAAkE;AAClE,mEAAgE;AAChE,yCAAsC;AACtC,kDAAwE;AACxE,uEAAmE;AACnE,qDAAqD;AACrD,0DAAyD;AACzD,sDAAqD;AACrD,gDAA4D;AAC5D,gFAA+E;AAC/E,8CAAkD;AAClD,qFAA8E;AAC9E,gEAA+D;AAC/D,4DAAwD;AACxD,+CAA+C;AAC/C,+CAA8C;AAC9C,2DAAmD;AAGnD,MAAM,QAAQ,GAAG;IACf,gCAAgB;IAChB,kDAAwB;IACxB,kCAAgB;IAChB,6BAAiB;IACjB,GAAG,sBAAQ;IACX,uCAAsB;IACtB,0CAAoB;IACpB,GAAG,4CAAqB;IACxB,6BAAiB;IACjB,6BAAe;IACf,gBAAO;IACP,sBAAU;IACV,mCAAuB;IACvB,mCAAgB;IAChB,+BAAgB;IAChB,0BAAY;IACZ,oCAAkB;IAClB,kDAAsB;IACtB,uCAA0B;IAC1B,0DAA6B;IAC7B,oCAAkB;IAClB,uBAAU;IACV,yBAAa;IACb,wBAAY;IACZ,6BAAW;IACX,kCAAgB;CACjB,CAAA;AAED,MAAM,OAAO,GAAG,IAAI,GAAG,EAAoD,CAAA;AAE3E,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;IAC5B,MAAM,OAAO,GAAG,IAAA,8BAAgB,EAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IACjD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE;YACnB,QAAQ,EAAE,EAAE;YACZ,MAAM,EAAE,EAAE;SACX,CAAC,CAAA;IACJ,CAAC;IACD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAE,CAAA;IACnC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACzB,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC3B,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAgB,wBAAwB,CAAC,OAAmB;IAC1D,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,IAAA,8BAAgB,EAAC,OAAO,CAAC,CAAC,CAAA;IACpD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAA;IACX,CAAC;IACD,OAAO,KAAK,CAAC,MAAM,CAAA;AACrB,CAAC;AAED;;;;;GAKG;AACH,SAAgB,0BAA0B,CAAC,OAAmB;IAC5D,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,IAAA,8BAAgB,EAAC,OAAO,CAAC,CAAC,CAAA;IACpD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAA;IACX,CAAC;IACD,OAAO,KAAK,CAAC,QAAQ,CAAA;AACvB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"indexMap.d.ts","sourceRoot":"","sources":["../../../src/indexing/indexMap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAoB,MAAM,gBAAgB,CAAA;AAC7D,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;
|
|
1
|
+
{"version":3,"file":"indexMap.d.ts","sourceRoot":"","sources":["../../../src/indexing/indexMap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAoB,MAAM,gBAAgB,CAAA;AAC7D,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AAyBtC;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,UAAU,EAAE,UAAU,GAAG,OAAO,CAAC,GAAG,CAAC,EAAE,CAE5E"}
|
|
@@ -2,10 +2,12 @@ import { lowerCaseService } from '../services.js';
|
|
|
2
2
|
import { AccountOrganizationIndexer } from './indexers/accountOrgs.js';
|
|
3
3
|
import { ApiGatewayIndexer } from './indexers/apigateways.js';
|
|
4
4
|
import { S3BucketIndexer } from './indexers/buckets.js';
|
|
5
|
+
import { IamPrincipalsToTrustPoliciesIndexer } from './indexers/iamPrincipalsToTrustPolicies.js';
|
|
5
6
|
import { VpcEndpointIndexer } from './indexers/vpcEndpoints.js';
|
|
6
7
|
const allIndexers = [
|
|
7
8
|
AccountOrganizationIndexer,
|
|
8
9
|
ApiGatewayIndexer,
|
|
10
|
+
IamPrincipalsToTrustPoliciesIndexer,
|
|
9
11
|
S3BucketIndexer,
|
|
10
12
|
VpcEndpointIndexer
|
|
11
13
|
];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"indexMap.js","sourceRoot":"","sources":["../../../src/indexing/indexMap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,gBAAgB,EAAE,MAAM,gBAAgB,CAAA;AAE7D,OAAO,EAAE,0BAA0B,EAAE,MAAM,2BAA2B,CAAA;AACtE,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAA;AAC7D,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AACvD,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAA;AAE/D,MAAM,WAAW,GAAmB;IAClC,0BAA0B;IAC1B,iBAAiB;IACjB,eAAe;IACf,kBAAkB;CACnB,CAAA;AAED,MAAM,QAAQ,GAAG,IAAI,GAAG,EAA0B,CAAA;AAElD,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;IACpD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;IAC3B,CAAC;IACD,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;AACtC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,qBAAqB,CAAC,UAAsB;IAC1D,OAAO,QAAQ,CAAC,GAAG,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE,CAAA;AACzD,CAAC"}
|
|
1
|
+
{"version":3,"file":"indexMap.js","sourceRoot":"","sources":["../../../src/indexing/indexMap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,gBAAgB,EAAE,MAAM,gBAAgB,CAAA;AAE7D,OAAO,EAAE,0BAA0B,EAAE,MAAM,2BAA2B,CAAA;AACtE,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAA;AAC7D,OAAO,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAA;AACvD,OAAO,EAAE,mCAAmC,EAAE,MAAM,4CAA4C,CAAA;AAChG,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAA;AAE/D,MAAM,WAAW,GAAmB;IAClC,0BAA0B;IAC1B,iBAAiB;IACjB,mCAAmC;IACnC,eAAe;IACf,kBAAkB;CACnB,CAAA;AAED,MAAM,QAAQ,GAAG,IAAI,GAAG,EAA0B,CAAA;AAElD,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;IAClC,MAAM,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;IACpD,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,CAAA;IAC3B,CAAC;IACD,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;AACtC,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,qBAAqB,CAAC,UAAsB;IAC1D,OAAO,QAAQ,CAAC,GAAG,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE,CAAA;AACzD,CAAC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
import { Indexer } from '../indexer.js';
|
|
2
|
+
interface PrincipalsToTrustPoliciesIndex {
|
|
3
|
+
[key: string]: Partial<Record<'principal' | 'notprincipal', Record<string, string[]>>>;
|
|
4
|
+
}
|
|
5
|
+
export declare const IamPrincipalsToTrustPoliciesIndexer: Indexer<PrincipalsToTrustPoliciesIndex>;
|
|
6
|
+
export {};
|
|
7
|
+
//# sourceMappingURL=iamPrincipalsToTrustPolicies.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"iamPrincipalsToTrustPolicies.d.ts","sourceRoot":"","sources":["../../../../src/indexing/indexers/iamPrincipalsToTrustPolicies.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,OAAO,EAAE,MAAM,eAAe,CAAA;AAEvC,UAAU,8BAA8B;IACtC,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,WAAW,GAAG,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,CAAA;CACvF;AAID,eAAO,MAAM,mCAAmC,EAAE,OAAO,CAAC,8BAA8B,CAiCvF,CAAA"}
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
import { loadPolicy } from '@cloud-copilot/iam-policy';
|
|
2
|
+
const indexName = 'principals-to-trust-policies';
|
|
3
|
+
export const IamPrincipalsToTrustPoliciesIndexer = {
|
|
4
|
+
awsService: 'iam',
|
|
5
|
+
name: 'principalsToTrustPolicies',
|
|
6
|
+
getCache: async (storage) => {
|
|
7
|
+
const data = await storage.getIndex(indexName, {});
|
|
8
|
+
return data;
|
|
9
|
+
},
|
|
10
|
+
saveCache: async (storage, cache, lockId) => {
|
|
11
|
+
return storage.saveIndex(indexName, cache, lockId);
|
|
12
|
+
},
|
|
13
|
+
updateCache: async (existingCache, accountId, regions, storage) => {
|
|
14
|
+
// Delete any existing record for the account
|
|
15
|
+
existingCache[accountId] = {};
|
|
16
|
+
// Get all the trust policies for the account
|
|
17
|
+
const roles = await storage.findResourceMetadata(accountId, {
|
|
18
|
+
service: 'iam',
|
|
19
|
+
resourceType: 'role',
|
|
20
|
+
account: accountId
|
|
21
|
+
});
|
|
22
|
+
for (const role of roles) {
|
|
23
|
+
const trustPolicy = await storage.getResourceMetadata(accountId, role.arn, 'trust-policy');
|
|
24
|
+
if (trustPolicy) {
|
|
25
|
+
const parsedPolicy = loadPolicy(trustPolicy);
|
|
26
|
+
updateCacheForPolicy(existingCache, accountId, role.arn, parsedPolicy);
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
}
|
|
30
|
+
};
|
|
31
|
+
function updateCacheForPolicy(cache, accountId, roleArn, policy) {
|
|
32
|
+
for (const statement of policy.statements()) {
|
|
33
|
+
if (statement.isAllow()) {
|
|
34
|
+
if (statement.isPrincipalStatement()) {
|
|
35
|
+
for (const principal of statement.principals()) {
|
|
36
|
+
updateCacheForPrincipal(cache, accountId, roleArn, 'principal', principal.value());
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
else if (statement.isNotPrincipalStatement()) {
|
|
40
|
+
for (const principal of statement.notPrincipals()) {
|
|
41
|
+
updateCacheForPrincipal(cache, accountId, roleArn, 'notprincipal', principal.value());
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
}
|
|
47
|
+
function updateCacheForPrincipal(cache, accountId, roleArn, type, principal) {
|
|
48
|
+
if (!cache[accountId][type]) {
|
|
49
|
+
cache[accountId][type] = {};
|
|
50
|
+
}
|
|
51
|
+
if (!cache[accountId][type][principal]) {
|
|
52
|
+
cache[accountId][type][principal] = [];
|
|
53
|
+
}
|
|
54
|
+
cache[accountId][type][principal].push(roleArn);
|
|
55
|
+
}
|
|
56
|
+
//# sourceMappingURL=iamPrincipalsToTrustPolicies.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"iamPrincipalsToTrustPolicies.js","sourceRoot":"","sources":["../../../../src/indexing/indexers/iamPrincipalsToTrustPolicies.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAU,MAAM,2BAA2B,CAAA;AAO9D,MAAM,SAAS,GAAG,8BAA8B,CAAA;AAEhD,MAAM,CAAC,MAAM,mCAAmC,GAA4C;IAC1F,UAAU,EAAE,KAAK;IACjB,IAAI,EAAE,2BAA2B;IACjC,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QAC1B,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,QAAQ,CAAC,SAAS,EAAE,EAAE,CAAC,CAAA;QAClD,OAAO,IAAI,CAAA;IACb,CAAC;IACD,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE;QAC1C,OAAO,OAAO,CAAC,SAAS,CAAC,SAAS,EAAE,KAAK,EAAE,MAAM,CAAC,CAAA;IACpD,CAAC;IACD,WAAW,EAAE,KAAK,EAAE,aAAa,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE;QAChE,6CAA6C;QAC7C,aAAa,CAAC,SAAS,CAAC,GAAG,EAAE,CAAA;QAE7B,6CAA6C;QAC7C,MAAM,KAAK,GAAG,MAAM,OAAO,CAAC,oBAAoB,CAAkB,SAAS,EAAE;YAC3E,OAAO,EAAE,KAAK;YACd,YAAY,EAAE,MAAM;YACpB,OAAO,EAAE,SAAS;SACnB,CAAC,CAAA;QAEF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,mBAAmB,CACnD,SAAS,EACT,IAAI,CAAC,GAAG,EACR,cAAc,CACf,CAAA;YACD,IAAI,WAAW,EAAE,CAAC;gBAChB,MAAM,YAAY,GAAG,UAAU,CAAC,WAAW,CAAC,CAAA;gBAC5C,oBAAoB,CAAC,aAAa,EAAE,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,CAAA;YACxE,CAAC;QACH,CAAC;IACH,CAAC;CACF,CAAA;AAED,SAAS,oBAAoB,CAC3B,KAAqC,EACrC,SAAiB,EACjB,OAAe,EACf,MAAc;IAEd,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;QAC5C,IAAI,SAAS,CAAC,OAAO,EAAE,EAAE,CAAC;YACxB,IAAI,SAAS,CAAC,oBAAoB,EAAE,EAAE,CAAC;gBACrC,KAAK,MAAM,SAAS,IAAI,SAAS,CAAC,UAAU,EAAE,EAAE,CAAC;oBAC/C,uBAAuB,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,WAAW,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,CAAA;gBACpF,CAAC;YACH,CAAC;iBAAM,IAAI,SAAS,CAAC,uBAAuB,EAAE,EAAE,CAAC;gBAC/C,KAAK,MAAM,SAAS,IAAI,SAAS,CAAC,aAAa,EAAE,EAAE,CAAC;oBAClD,uBAAuB,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,cAAc,EAAE,SAAS,CAAC,KAAK,EAAE,CAAC,CAAA;gBACvF,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,uBAAuB,CAC9B,KAAqC,EACrC,SAAiB,EACjB,OAAe,EACf,IAAkC,EAClC,SAAiB;IAEjB,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5B,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAA;IAC7B,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,EAAE,CAAC;QACvC,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,GAAG,EAAE,CAAA;IACxC,CAAC;IAED,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;AACjD,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"lambda.d.ts","sourceRoot":"","sources":["../../../../src/syncs/lambda/lambda.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"lambda.d.ts","sourceRoot":"","sources":["../../../../src/syncs/lambda/lambda.ts"],"names":[],"mappings":"AAYA,OAAO,EAAc,IAAI,EAAY,MAAM,YAAY,CAAA;AAGvD,eAAO,MAAM,UAAU,MA6CtB,CAAA;AAED,eAAO,MAAM,uBAAuB,EAAE,IA2DrC,CAAA"}
|
|
@@ -1,7 +1,9 @@
|
|
|
1
|
-
import { GetPolicyCommand, LambdaClient, ListFunctionsCommand, ListTagsCommand } from '@aws-sdk/client-lambda';
|
|
1
|
+
import { GetLayerVersionPolicyCommand, GetPolicyCommand, LambdaClient, ListFunctionsCommand, ListLayersCommand, ListLayerVersionsCommand, ListTagsCommand } from '@aws-sdk/client-lambda';
|
|
2
|
+
import { AwsClientPool } from '../../aws/ClientPool.js';
|
|
2
3
|
import { runAndCatch404 } from '../../utils/client-tools.js';
|
|
3
4
|
import { parseIfPresent } from '../../utils/json.js';
|
|
4
|
-
import {
|
|
5
|
+
import { syncData } from '../sync.js';
|
|
6
|
+
import { createResourceSyncType, createTypedSyncOperation, paginateResource } from '../typedSync.js';
|
|
5
7
|
export const LambdaSync = createTypedSyncOperation('lambda', 'lambdaFunctions', createResourceSyncType({
|
|
6
8
|
client: LambdaClient,
|
|
7
9
|
command: ListFunctionsCommand,
|
|
@@ -40,4 +42,47 @@ export const LambdaSync = createTypedSyncOperation('lambda', 'lambdaFunctions',
|
|
|
40
42
|
policy: func.extraFields.policy
|
|
41
43
|
})
|
|
42
44
|
}));
|
|
45
|
+
export const LambdaLayerVersionsSync = {
|
|
46
|
+
awsService: 'lambda',
|
|
47
|
+
name: 'lambdaLayerVersions',
|
|
48
|
+
execute: async (accountId, region, credentials, storage, endpoint, syncOptions) => {
|
|
49
|
+
const lambdaClient = AwsClientPool.defaultInstance.client(LambdaClient, credentials, region, endpoint);
|
|
50
|
+
const allLayers = await paginateResource(lambdaClient, ListLayersCommand, 'Layers', {
|
|
51
|
+
inputKey: 'Marker',
|
|
52
|
+
outputKey: 'NextMarker'
|
|
53
|
+
});
|
|
54
|
+
const allLayerVersions = [];
|
|
55
|
+
for (const layer of allLayers) {
|
|
56
|
+
const layerVersions = await paginateResource(lambdaClient, ListLayerVersionsCommand, 'LayerVersions', {
|
|
57
|
+
inputKey: 'Marker',
|
|
58
|
+
outputKey: 'NextMarker'
|
|
59
|
+
}, {
|
|
60
|
+
LayerName: layer.LayerName
|
|
61
|
+
});
|
|
62
|
+
for (const version of layerVersions) {
|
|
63
|
+
const policy = await runAndCatch404(async () => {
|
|
64
|
+
const policyResult = await lambdaClient.send(new GetLayerVersionPolicyCommand({
|
|
65
|
+
LayerName: layer.LayerName,
|
|
66
|
+
VersionNumber: version.Version
|
|
67
|
+
}));
|
|
68
|
+
return parseIfPresent(policyResult.Policy);
|
|
69
|
+
});
|
|
70
|
+
allLayerVersions.push({
|
|
71
|
+
arn: version.LayerVersionArn,
|
|
72
|
+
metadata: {
|
|
73
|
+
name: layer.LayerName,
|
|
74
|
+
version: version.Version
|
|
75
|
+
},
|
|
76
|
+
policy: policy
|
|
77
|
+
});
|
|
78
|
+
}
|
|
79
|
+
}
|
|
80
|
+
await syncData(allLayerVersions, storage, accountId, {
|
|
81
|
+
service: 'lambda',
|
|
82
|
+
resourceType: 'layer',
|
|
83
|
+
account: accountId,
|
|
84
|
+
region: region
|
|
85
|
+
});
|
|
86
|
+
}
|
|
87
|
+
};
|
|
43
88
|
//# sourceMappingURL=lambda.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"lambda.js","sourceRoot":"","sources":["../../../../src/syncs/lambda/lambda.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,YAAY,EACZ,oBAAoB,EACpB,eAAe,EAChB,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAA;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AACpD,OAAO,EAAE,sBAAsB,EAAE,wBAAwB,EAAE,MAAM,iBAAiB,CAAA;
|
|
1
|
+
{"version":3,"file":"lambda.js","sourceRoot":"","sources":["../../../../src/syncs/lambda/lambda.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,4BAA4B,EAC5B,gBAAgB,EAChB,YAAY,EACZ,oBAAoB,EACpB,iBAAiB,EACjB,wBAAwB,EACxB,eAAe,EAChB,MAAM,wBAAwB,CAAA;AAC/B,OAAO,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAA;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAA;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAA;AACpD,OAAO,EAAoB,QAAQ,EAAE,MAAM,YAAY,CAAA;AACvD,OAAO,EAAE,sBAAsB,EAAE,wBAAwB,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAEpG,MAAM,CAAC,MAAM,UAAU,GAAG,wBAAwB,CAChD,QAAQ,EACR,iBAAiB,EACjB,sBAAsB,CAAC;IACrB,MAAM,EAAE,YAAY;IACpB,OAAO,EAAE,oBAAoB;IAC7B,GAAG,EAAE,WAAW;IAChB,gBAAgB,EAAE;QAChB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,YAAY;KACxB;IACD,iBAAiB,EAAE,CAAC,SAAiB,EAAE,MAAc,EAAE,EAAE,CAAC,CAAC;QACzD,OAAO,EAAE,QAAQ;QACjB,YAAY,EAAE,UAAU;QACxB,OAAO,EAAE,SAAS;QAClB,MAAM,EAAE,MAAM;KACf,CAAC;IACF,WAAW,EAAE;QACX,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;YAC/B,OAAO,cAAc,CAAC,KAAK,IAAI,EAAE;gBAC/B,MAAM,SAAS,GAAG,MAAM,MAAM,CAAC,IAAI,CACjC,IAAI,eAAe,CAAC,EAAE,QAAQ,EAAE,QAAQ,CAAC,WAAW,EAAE,CAAC,CACxD,CAAA;gBACD,OAAO,SAAS,CAAC,IAAI,CAAA;YACvB,CAAC,CAAC,CAAA;QACJ,CAAC;QACD,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE;YACjC,OAAO,cAAc,CAAC,KAAK,IAAI,EAAE;gBAC/B,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,IAAI,CACpC,IAAI,gBAAgB,CAAC,EAAE,YAAY,EAAE,QAAQ,CAAC,YAAY,EAAE,CAAC,CAC9D,CAAA;gBACD,OAAO,cAAc,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;YAC5C,CAAC,CAAC,CAAA;QACJ,CAAC;KACF;IACD,IAAI,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI;IACrC,GAAG,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,WAAY;IAChC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QAClB,QAAQ,EAAE;YACR,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,IAAI,EAAE,IAAI,CAAC,YAAY;SACxB;QACD,MAAM,EAAE,IAAI,CAAC,WAAW,CAAC,MAAM;KAChC,CAAC;CACH,CAAC,CACH,CAAA;AAED,MAAM,CAAC,MAAM,uBAAuB,GAAS;IAC3C,UAAU,EAAE,QAAQ;IACpB,IAAI,EAAE,qBAAqB;IAC3B,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,EAAE;QAChF,MAAM,YAAY,GAAG,aAAa,CAAC,eAAe,CAAC,MAAM,CACvD,YAAY,EACZ,WAAW,EACX,MAAM,EACN,QAAQ,CACT,CAAA;QACD,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,YAAY,EAAE,iBAAiB,EAAE,QAAQ,EAAE;YAClF,QAAQ,EAAE,QAAQ;YAClB,SAAS,EAAE,YAAY;SACxB,CAAC,CAAA;QAEF,MAAM,gBAAgB,GAAiB,EAAE,CAAA;QACzC,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;YAC9B,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAC1C,YAAY,EACZ,wBAAwB,EACxB,eAAe,EACf;gBACE,QAAQ,EAAE,QAAQ;gBAClB,SAAS,EAAE,YAAY;aACxB,EACD;gBACE,SAAS,EAAE,KAAK,CAAC,SAAS;aAC3B,CACF,CAAA;YAED,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;gBACpC,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,KAAK,IAAI,EAAE;oBAC7C,MAAM,YAAY,GAAG,MAAM,YAAY,CAAC,IAAI,CAC1C,IAAI,4BAA4B,CAAC;wBAC/B,SAAS,EAAE,KAAK,CAAC,SAAU;wBAC3B,aAAa,EAAE,OAAO,CAAC,OAAO;qBAC/B,CAAC,CACH,CAAA;oBACD,OAAO,cAAc,CAAC,YAAY,CAAC,MAAM,CAAC,CAAA;gBAC5C,CAAC,CAAC,CAAA;gBAEF,gBAAgB,CAAC,IAAI,CAAC;oBACpB,GAAG,EAAE,OAAO,CAAC,eAAgB;oBAC7B,QAAQ,EAAE;wBACR,IAAI,EAAE,KAAK,CAAC,SAAS;wBACrB,OAAO,EAAE,OAAO,CAAC,OAAO;qBACzB;oBACD,MAAM,EAAE,MAAM;iBACf,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,MAAM,QAAQ,CAAC,gBAAgB,EAAE,OAAO,EAAE,SAAS,EAAE;YACnD,OAAO,EAAE,QAAQ;YACjB,YAAY,EAAE,OAAO;YACrB,OAAO,EAAE,SAAS;YAClB,MAAM,EAAE,MAAM;SACf,CAAC,CAAA;IACJ,CAAC;CACF,CAAA"}
|
package/dist/esm/syncs/sync.d.ts
CHANGED
|
@@ -24,5 +24,16 @@ export interface Sync {
|
|
|
24
24
|
export type DataRecord = Record<string, any> & {
|
|
25
25
|
arn: string;
|
|
26
26
|
};
|
|
27
|
+
/**
|
|
28
|
+
* Synchronize the data for a given set of resources.
|
|
29
|
+
* This will:
|
|
30
|
+
* 1. Delete any resources that meet the `resourceTypeParts` and are not in the `records` list.
|
|
31
|
+
* 2. Save all resources that are in the `records`.
|
|
32
|
+
*
|
|
33
|
+
* @param records
|
|
34
|
+
* @param storage
|
|
35
|
+
* @param accountId
|
|
36
|
+
* @param resourceTypeParts
|
|
37
|
+
*/
|
|
27
38
|
export declare function syncData(records: DataRecord[], storage: AwsIamStore, accountId: string, resourceTypeParts: ResourceTypeParts): Promise<void>;
|
|
28
39
|
//# sourceMappingURL=sync.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sync.d.ts","sourceRoot":"","sources":["../../../src/syncs/sync.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iCAAiC,EAAE,MAAM,oBAAoB,CAAA;AACtE,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAA;AAC9E,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AAE3C,MAAM,WAAW,WAAW;CAAG;AAE/B,MAAM,WAAW,IAAI;IACnB;;OAEG;IACH,UAAU,EAAE,UAAU,CAAA;IAEtB;;OAEG;IACH,IAAI,EAAE,MAAM,CAAA;IAEZ;;OAEG;IACH,MAAM,CAAC,EAAE,OAAO,CAAA;IAEhB;;OAEG;IACH,OAAO,CACL,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,iCAAiC,EAC9C,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,MAAM,GAAG,SAAS,EAC5B,WAAW,EAAE,WAAW,GACvB,OAAO,CAAC,IAAI,CAAC,CAAA;CACjB;AAED,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG;IAAE,GAAG,EAAE,MAAM,CAAA;CAAE,CAAA;
|
|
1
|
+
{"version":3,"file":"sync.d.ts","sourceRoot":"","sources":["../../../src/syncs/sync.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iCAAiC,EAAE,MAAM,oBAAoB,CAAA;AACtE,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,+BAA+B,CAAA;AAC9E,OAAO,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAA;AAE3C,MAAM,WAAW,WAAW;CAAG;AAE/B,MAAM,WAAW,IAAI;IACnB;;OAEG;IACH,UAAU,EAAE,UAAU,CAAA;IAEtB;;OAEG;IACH,IAAI,EAAE,MAAM,CAAA;IAEZ;;OAEG;IACH,MAAM,CAAC,EAAE,OAAO,CAAA;IAEhB;;OAEG;IACH,OAAO,CACL,SAAS,EAAE,MAAM,EACjB,MAAM,EAAE,MAAM,EACd,WAAW,EAAE,iCAAiC,EAC9C,OAAO,EAAE,WAAW,EACpB,QAAQ,EAAE,MAAM,GAAG,SAAS,EAC5B,WAAW,EAAE,WAAW,GACvB,OAAO,CAAC,IAAI,CAAC,CAAA;CACjB;AAED,MAAM,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,GAAG;IAAE,GAAG,EAAE,MAAM,CAAA;CAAE,CAAA;AAE9D;;;;;;;;;;GAUG;AACH,wBAAsB,QAAQ,CAC5B,OAAO,EAAE,UAAU,EAAE,EACrB,OAAO,EAAE,WAAW,EACpB,SAAS,EAAE,MAAM,EACjB,iBAAiB,EAAE,iBAAiB,iBAarC"}
|
package/dist/esm/syncs/sync.js
CHANGED
|
@@ -1,3 +1,14 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Synchronize the data for a given set of resources.
|
|
3
|
+
* This will:
|
|
4
|
+
* 1. Delete any resources that meet the `resourceTypeParts` and are not in the `records` list.
|
|
5
|
+
* 2. Save all resources that are in the `records`.
|
|
6
|
+
*
|
|
7
|
+
* @param records
|
|
8
|
+
* @param storage
|
|
9
|
+
* @param accountId
|
|
10
|
+
* @param resourceTypeParts
|
|
11
|
+
*/
|
|
1
12
|
export async function syncData(records, storage, accountId, resourceTypeParts) {
|
|
2
13
|
const allArns = records.map((r) => r.arn);
|
|
3
14
|
await storage.syncResourceList(accountId, resourceTypeParts, allArns);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sync.js","sourceRoot":"","sources":["../../../src/syncs/sync.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"sync.js","sourceRoot":"","sources":["../../../src/syncs/sync.ts"],"names":[],"mappings":"AAqCA;;;;;;;;;;GAUG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAC5B,OAAqB,EACrB,OAAoB,EACpB,SAAiB,EACjB,iBAAoC;IAEpC,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IACzC,MAAM,OAAO,CAAC,gBAAgB,CAAC,SAAS,EAAE,iBAAiB,EAAE,OAAO,CAAC,CAAA;IAErE,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAClD,IAAI,GAAG,KAAK,KAAK,EAAE,CAAC;gBAClB,SAAQ;YACV,CAAC;YACD,MAAM,OAAO,CAAC,oBAAoB,CAAC,SAAS,EAAE,MAAM,CAAC,GAAG,EAAE,GAAG,EAAE,KAAK,CAAC,CAAA;QACvE,CAAC;IACH,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"syncMap.d.ts","sourceRoot":"","sources":["../../../src/syncs/syncMap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAoB,MAAM,gBAAgB,CAAA;AA0B7D,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;
|
|
1
|
+
{"version":3,"file":"syncMap.d.ts","sourceRoot":"","sources":["../../../src/syncs/syncMap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAoB,MAAM,gBAAgB,CAAA;AA0B7D,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAA;AAiDhC;;;;;GAKG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,UAAU,GAAG,IAAI,EAAE,CAMpE;AAED;;;;;GAKG;AACH,wBAAgB,0BAA0B,CAAC,OAAO,EAAE,UAAU,GAAG,IAAI,EAAE,CAMtE"}
|
|
@@ -10,7 +10,7 @@ import { AuthorizationDetailsSync } from './iam/authorizationDetails.js';
|
|
|
10
10
|
import { IdentityProviderSyncs } from './iam/identityProviders.js';
|
|
11
11
|
import { InstanceProfilesSync } from './iam/instanceProfiles.js';
|
|
12
12
|
import { KeySync } from './kms/key.js';
|
|
13
|
-
import { LambdaSync } from './lambda/lambda.js';
|
|
13
|
+
import { LambdaLayerVersionsSync, LambdaSync } from './lambda/lambda.js';
|
|
14
14
|
import { OrganizationSync } from './organizations/organizations.js';
|
|
15
15
|
import { RamResourcesSync } from './ram/ramShares.js';
|
|
16
16
|
import { S3AccessPointsSync } from './s3/accessPoints.js';
|
|
@@ -37,6 +37,7 @@ const allSyncs = [
|
|
|
37
37
|
GlueCatalogSync,
|
|
38
38
|
KeySync,
|
|
39
39
|
LambdaSync,
|
|
40
|
+
LambdaLayerVersionsSync,
|
|
40
41
|
OrganizationSync,
|
|
41
42
|
RamResourcesSync,
|
|
42
43
|
RestApisSync,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"syncMap.js","sourceRoot":"","sources":["../../../src/syncs/syncMap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,gBAAgB,EAAE,MAAM,gBAAgB,CAAA;AAC7D,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AACvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAA;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAA;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AACxD,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAC5C,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAA;AAC7D,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AACpD,OAAO,EAAE,wBAAwB,EAAE,MAAM,+BAA+B,CAAA;AACxE,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAA;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAA;AAChE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAA;
|
|
1
|
+
{"version":3,"file":"syncMap.js","sourceRoot":"","sources":["../../../src/syncs/syncMap.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,gBAAgB,EAAE,MAAM,gBAAgB,CAAA;AAC7D,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAA;AACvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAA;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAA;AACxD,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAA;AACxD,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAA;AAC5C,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAA;AAC7D,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAA;AACpD,OAAO,EAAE,wBAAwB,EAAE,MAAM,+BAA+B,CAAA;AACxE,OAAO,EAAE,qBAAqB,EAAE,MAAM,4BAA4B,CAAA;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAA;AAChE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAA;AACtC,OAAO,EAAE,uBAAuB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAA;AACxE,OAAO,EAAE,gBAAgB,EAAE,MAAM,kCAAkC,CAAA;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAA;AACzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AACrD,OAAO,EAAE,0BAA0B,EAAE,MAAM,iBAAiB,CAAA;AAC5D,OAAO,EAAE,6BAA6B,EAAE,MAAM,iCAAiC,CAAA;AAC/E,OAAO,EAAE,iBAAiB,EAAE,MAAM,gBAAgB,CAAA;AAClD,OAAO,EAAE,sBAAsB,EAAE,MAAM,uCAAuC,CAAA;AAC9E,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAA;AAC/D,OAAO,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAA;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,iBAAiB,CAAA;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,iBAAiB,CAAA;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAA;AAGnD,MAAM,QAAQ,GAAG;IACf,gBAAgB;IAChB,wBAAwB;IACxB,gBAAgB;IAChB,iBAAiB;IACjB,GAAG,QAAQ;IACX,sBAAsB;IACtB,oBAAoB;IACpB,GAAG,qBAAqB;IACxB,iBAAiB;IACjB,eAAe;IACf,OAAO;IACP,UAAU;IACV,uBAAuB;IACvB,gBAAgB;IAChB,gBAAgB;IAChB,YAAY;IACZ,kBAAkB;IAClB,sBAAsB;IACtB,0BAA0B;IAC1B,6BAA6B;IAC7B,kBAAkB;IAClB,UAAU;IACV,aAAa;IACb,YAAY;IACZ,WAAW;IACX,gBAAgB;CACjB,CAAA;AAED,MAAM,OAAO,GAAG,IAAI,GAAG,EAAoD,CAAA;AAE3E,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;IAC5B,MAAM,OAAO,GAAG,gBAAgB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;IACjD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE;YACnB,QAAQ,EAAE,EAAE;YACZ,MAAM,EAAE,EAAE;SACX,CAAC,CAAA;IACJ,CAAC;IACD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAE,CAAA;IACnC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACzB,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC3B,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,wBAAwB,CAAC,OAAmB;IAC1D,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAA;IACpD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAA;IACX,CAAC;IACD,OAAO,KAAK,CAAC,MAAM,CAAA;AACrB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,0BAA0B,CAAC,OAAmB;IAC5D,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAA;IACpD,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,EAAE,CAAA;IACX,CAAC;IACD,OAAO,KAAK,CAAC,QAAQ,CAAA;AACvB,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cloud-copilot/iam-collect",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.69",
|
|
4
4
|
"description": "Collect IAM information from AWS Accounts",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -133,6 +133,7 @@
|
|
|
133
133
|
"@aws-sdk/credential-providers": "^3.772.0",
|
|
134
134
|
"@aws-sdk/types": "^3.734.0",
|
|
135
135
|
"@cloud-copilot/cli": "^0.1.20",
|
|
136
|
+
"@cloud-copilot/iam-policy": "^0.1.24",
|
|
136
137
|
"@smithy/smithy-client": "^4.2.0",
|
|
137
138
|
"@smithy/util-retry": "^4.0.2",
|
|
138
139
|
"jsonc-parser": "^3.3.1"
|