@cloud-copilot/iam-expand 0.1.10 → 0.1.12

package/README.md

@@ -6,6 +6,11 @@ Use this to:
 2) Get an exhaustive list of actions that are included in a policy to quickly search it for interesting actions.
 3) Investigate where interesting or dubious actions are being used in your policies.
 
+<!-- Image of demo.svg -->
+![Demo](assets/demo.svg)
+
+Extended demo [on YouTube](https://www.youtube.com/watch?v=357-uGru7300).
+
 Published as an [npm package](#typescriptnodejs-usage) in ESM and CommonJS plus available as a [CLI](#cli).
 
 All information is sourced from [@cloud-copilot/iam-data](https://github.com/cloud-copilot/iam-data) which is updated daily.
@@ -156,10 +161,10 @@ When reading from stdin (see [below](#read-from-stdin)) the CLI will wait 10 sec
 
 ```bash
 cat policy.json | iam-expand
-# Will wait for 10 seconds for input, which is plenty of time for a local file.
+# Will wait up to 10 seconds for input to start, which is plenty of time for a local file.
 
 curl "https://government-secrets.s3.amazonaws.com/secret-policy.json" | iam-expand --read-wait-ms=20_000
-# Will wait for 20 seconds for the first byte from curl before timing out. Adjust as needed
+# Will wait up to 20 seconds to receive first byte from curl before timing out. Adjust as needed
 ```
 
 ### Read from stdin

package/dist/cjs/expand_file.d.ts

@@ -1,11 +1,12 @@
 import { ExpandIamActionsOptions } from "./expand.js";
 /**
- * Takes any JSON document and expands any Action found in the document
+ * Takes any JSON document and expands any Action or NotAction string or array of strings in the document.
+ * *MODIFIES THE DOCUMENT IN PLACE*
  *
  * @param options the options to use when expanding the actions
  * @param document the JSON document to expand
  * @param key the key of the current node in the document
- * @returns the expanded JSON document
+ * @returns the original JSON document with any actions expanded in place
  */
 export declare function expandJsonDocument(options: Partial<ExpandIamActionsOptions>, document: any, key?: string): Promise<any>;
 //# sourceMappingURL=expand_file.d.ts.map

package/dist/cjs/expand_file.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"expand_file.d.ts","sourceRoot":"","sources":["../../src/expand_file.ts"],"names":[],"mappings":"AAAA,OAAO,EAAoB,uBAAuB,EAAE,MAAM,aAAa,CAAA;AAEvE;;;;;;;GAOG;AACH,wBAAsB,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,uBAAuB,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CA4B7H"}
+{"version":3,"file":"expand_file.d.ts","sourceRoot":"","sources":["../../src/expand_file.ts"],"names":[],"mappings":"AAAA,OAAO,EAAoB,uBAAuB,EAAE,MAAM,aAAa,CAAC;AAExE;;;;;;;;GAQG;AACH,wBAAsB,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,uBAAuB,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CA0B7H"}

package/dist/cjs/expand_file.js

@@ -3,36 +3,35 @@ Object.defineProperty(exports, "__esModule", { value: true });
 exports.expandJsonDocument = expandJsonDocument;
 const expand_js_1 = require("./expand.js");
 /**
- * Takes any JSON document and expands any Action found in the document
+ * Takes any JSON document and expands any Action or NotAction string or array of strings in the document.
+ * *MODIFIES THE DOCUMENT IN PLACE*
  *
  * @param options the options to use when expanding the actions
  * @param document the JSON document to expand
  * @param key the key of the current node in the document
- * @returns the expanded JSON document
+ * @returns the original JSON document with any actions expanded in place
  */
 async function expandJsonDocument(options, document, key) {
     if (key === 'Action' || key === 'NotAction') {
         if (typeof document === 'string') {
-            return await (0, expand_js_1.expandIamActions)(document, options);
+            return (0, expand_js_1.expandIamActions)(document, options);
         }
         if (Array.isArray(document) && document.length > 0 && typeof document[0] === 'string') {
-            const value = await (0, expand_js_1.expandIamActions)(document, { ...options });
-            return value;
+            return (0, expand_js_1.expandIamActions)(document, options);
         }
     }
     if (Array.isArray(document)) {
-        return Promise.all(document.map(async (item) => {
-            return expandJsonDocument(options, item);
-        }));
+        const results = [];
+        for (const item of document) {
+            results.push(await expandJsonDocument(options, item));
+        }
+        return results;
     }
-    if (typeof document === 'object') {
-        const keys = Object.keys(document);
-        const newObject = {};
-        for (const key of keys) {
-            const value = document[key];
-            newObject[key] = await expandJsonDocument(options, value, key);
+    if (typeof document === 'object' && document !== null) {
+        for (const key of Object.keys(document)) {
+            document[key] = await expandJsonDocument(options, document[key], key);
         }
-        return newObject;
+        return document;
     }
     return document;
 }

package/dist/cjs/expand_file.js.map

@@ -1 +1 @@
-{"version":3,"file":"expand_file.js","sourceRoot":"","sources":["../../src/expand_file.ts"],"names":[],"mappings":";;AAUA,gDA4BC;AAtCD,2CAAuE;AAEvE;;;;;;;GAOG;AACI,KAAK,UAAU,kBAAkB,CAAC,OAAyC,EAAE,QAAa,EAAE,GAAY;IAC7G,IAAG,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,WAAW,EAAE,CAAC;QAC3C,IAAG,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAChC,OAAO,MAAM,IAAA,4BAAgB,EAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;QAClD,CAAC;QACD,IAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,QAAQ,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YACrF,MAAM,KAAK,GAAI,MAAM,IAAA,4BAAgB,EAAC,QAAQ,EAAE,EAAC,GAAG,OAAO,EAAC,CAAC,CAAA;YAC7D,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAED,IAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC3B,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;YAC7C,OAAO,kBAAkB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;QAC1C,CAAC,CAAC,CAAC,CAAA;IACL,CAAC;IAED,IAAG,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAClC,MAAM,SAAS,GAAQ,EAAE,CAAA;QACzB,KAAI,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACtB,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAA;YAC3B,SAAS,CAAC,GAAG,CAAC,GAAG,MAAM,kBAAkB,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,CAAA;QAChE,CAAC;QACD,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC"}
+{"version":3,"file":"expand_file.js","sourceRoot":"","sources":["../../src/expand_file.ts"],"names":[],"mappings":";;AAWA,gDA0BC;AArCD,2CAAwE;AAExE;;;;;;;;GAQG;AACI,KAAK,UAAU,kBAAkB,CAAC,OAAyC,EAAE,QAAa,EAAE,GAAY;IAC7G,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,WAAW,EAAE,CAAC;QAC5C,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACjC,OAAO,IAAA,4BAAgB,EAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC7C,CAAC;QACD,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,QAAQ,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YACtF,OAAO,IAAA,4BAAgB,EAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,EAAE,CAAC;QACnB,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;YAC5B,OAAO,CAAC,IAAI,CAAC,MAAM,kBAAkB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;QACxD,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QACtD,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACxC,QAAQ,CAAC,GAAG,CAAC,GAAG,MAAM,kBAAkB,CAAC,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QACxE,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/esm/expand_file.d.ts

@@ -1,11 +1,12 @@
 import { ExpandIamActionsOptions } from "./expand.js";
 /**
- * Takes any JSON document and expands any Action found in the document
+ * Takes any JSON document and expands any Action or NotAction string or array of strings in the document.
+ * *MODIFIES THE DOCUMENT IN PLACE*
  *
  * @param options the options to use when expanding the actions
  * @param document the JSON document to expand
  * @param key the key of the current node in the document
- * @returns the expanded JSON document
+ * @returns the original JSON document with any actions expanded in place
  */
 export declare function expandJsonDocument(options: Partial<ExpandIamActionsOptions>, document: any, key?: string): Promise<any>;
 //# sourceMappingURL=expand_file.d.ts.map

package/dist/esm/expand_file.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"expand_file.d.ts","sourceRoot":"","sources":["../../src/expand_file.ts"],"names":[],"mappings":"AAAA,OAAO,EAAoB,uBAAuB,EAAE,MAAM,aAAa,CAAA;AAEvE;;;;;;;GAOG;AACH,wBAAsB,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,uBAAuB,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CA4B7H"}
+{"version":3,"file":"expand_file.d.ts","sourceRoot":"","sources":["../../src/expand_file.ts"],"names":[],"mappings":"AAAA,OAAO,EAAoB,uBAAuB,EAAE,MAAM,aAAa,CAAC;AAExE;;;;;;;;GAQG;AACH,wBAAsB,kBAAkB,CAAC,OAAO,EAAE,OAAO,CAAC,uBAAuB,CAAC,EAAE,QAAQ,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,CA0B7H"}

package/dist/esm/expand_file.js

@@ -1,35 +1,34 @@
 import { expandIamActions } from "./expand.js";
 /**
- * Takes any JSON document and expands any Action found in the document
+ * Takes any JSON document and expands any Action or NotAction string or array of strings in the document.
+ * *MODIFIES THE DOCUMENT IN PLACE*
  *
  * @param options the options to use when expanding the actions
  * @param document the JSON document to expand
  * @param key the key of the current node in the document
- * @returns the expanded JSON document
+ * @returns the original JSON document with any actions expanded in place
  */
 export async function expandJsonDocument(options, document, key) {
     if (key === 'Action' || key === 'NotAction') {
         if (typeof document === 'string') {
-            return await expandIamActions(document, options);
+            return expandIamActions(document, options);
         }
         if (Array.isArray(document) && document.length > 0 && typeof document[0] === 'string') {
-            const value = await expandIamActions(document, { ...options });
-            return value;
+            return expandIamActions(document, options);
         }
     }
     if (Array.isArray(document)) {
-        return Promise.all(document.map(async (item) => {
-            return expandJsonDocument(options, item);
-        }));
+        const results = [];
+        for (const item of document) {
+            results.push(await expandJsonDocument(options, item));
+        }
+        return results;
     }
-    if (typeof document === 'object') {
-        const keys = Object.keys(document);
-        const newObject = {};
-        for (const key of keys) {
-            const value = document[key];
-            newObject[key] = await expandJsonDocument(options, value, key);
+    if (typeof document === 'object' && document !== null) {
+        for (const key of Object.keys(document)) {
+            document[key] = await expandJsonDocument(options, document[key], key);
         }
-        return newObject;
+        return document;
     }
     return document;
 }

package/dist/esm/expand_file.js.map

@@ -1 +1 @@
-{"version":3,"file":"expand_file.js","sourceRoot":"","sources":["../../src/expand_file.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAA2B,MAAM,aAAa,CAAA;AAEvE;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,OAAyC,EAAE,QAAa,EAAE,GAAY;IAC7G,IAAG,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,WAAW,EAAE,CAAC;QAC3C,IAAG,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAChC,OAAO,MAAM,gBAAgB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;QAClD,CAAC;QACD,IAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,QAAQ,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YACrF,MAAM,KAAK,GAAI,MAAM,gBAAgB,CAAC,QAAQ,EAAE,EAAC,GAAG,OAAO,EAAC,CAAC,CAAA;YAC7D,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAED,IAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC3B,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;YAC7C,OAAO,kBAAkB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;QAC1C,CAAC,CAAC,CAAC,CAAA;IACL,CAAC;IAED,IAAG,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QAClC,MAAM,SAAS,GAAQ,EAAE,CAAA;QACzB,KAAI,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACtB,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAA;YAC3B,SAAS,CAAC,GAAG,CAAC,GAAG,MAAM,kBAAkB,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,CAAA;QAChE,CAAC;QACD,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC"}
+{"version":3,"file":"expand_file.js","sourceRoot":"","sources":["../../src/expand_file.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAA2B,MAAM,aAAa,CAAC;AAExE;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,OAAyC,EAAE,QAAa,EAAE,GAAY;IAC7G,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,WAAW,EAAE,CAAC;QAC5C,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACjC,OAAO,gBAAgB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC7C,CAAC;QACD,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,QAAQ,CAAC,CAAC,CAAC,KAAK,QAAQ,EAAE,CAAC;YACtF,OAAO,gBAAgB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,EAAE,CAAC;QACnB,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;YAC5B,OAAO,CAAC,IAAI,CAAC,MAAM,kBAAkB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;QACxD,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QACtD,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACxC,QAAQ,CAAC,GAAG,CAAC,GAAG,MAAM,kBAAkB,CAAC,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QACxE,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@cloud-copilot/iam-expand",
-  "version": "0.1.10",
+  "version": "0.1.12",
   "description": "Expand AWS IAM Actions with Wildcards",
   "repository": {
     "type": "git",
@@ -17,7 +17,7 @@
   ],
   "types": "dist/cjs/index.d.ts",
   "bin": {
-    "iam-expand": "dist/cjs/cli.js"
+    "iam-expand": "dist/esm/cli.js"
   },
   "scripts": {
     "build": "npx tsc -p tsconfig.cjs.json && npx tsc -p tsconfig.esm.json && ./postbuild.sh",
@@ -41,6 +41,6 @@
     "vitest": "^2.0.5"
   },
   "peerDependencies": {
-    "@cloud-copilot/iam-data": ">=0.3.0 <1.0.0"
+    "@cloud-copilot/iam-data": ">=0.5.0 <1.0.0"
   }
 }