@cloud-copilot/iam-expand 0.7.0-rc2 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +85 -36
- package/dist/cjs/cli.js +2 -2
- package/dist/cjs/cli.js.map +1 -1
- package/dist/cjs/expand_file.js +1 -1
- package/dist/cjs/expand_file.js.map +1 -1
- package/dist/cjs/index.d.ts +3 -2
- package/dist/cjs/index.d.ts.map +1 -1
- package/dist/cjs/index.js +3 -2
- package/dist/cjs/index.js.map +1 -1
- package/dist/cjs/invert.d.ts +1 -1
- package/dist/cjs/invert.d.ts.map +1 -1
- package/dist/cjs/invert.js +2 -2
- package/dist/cjs/invert.js.map +1 -1
- package/dist/esm/cli.js +3 -3
- package/dist/esm/cli.js.map +1 -1
- package/dist/esm/expand_file.js +2 -2
- package/dist/esm/expand_file.js.map +1 -1
- package/dist/esm/index.d.ts +3 -2
- package/dist/esm/index.d.ts.map +1 -1
- package/dist/esm/index.js +2 -1
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/invert.d.ts +1 -1
- package/dist/esm/invert.d.ts.map +1 -1
- package/dist/esm/invert.js +1 -1
- package/dist/esm/invert.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
# Expand IAM Actions
|
|
2
|
-
Built in the Unix philosophy, this is a small tool that does one thing well:
|
|
2
|
+
Built in the Unix philosophy, this is a small tool that does one thing well: explain IAM actions with wildcards.
|
|
3
3
|
|
|
4
4
|
Use this to:
|
|
5
5
|
1) Expand wildcards when you are not allowed to use them in your policies.
|
|
@@ -66,6 +66,20 @@ s3:PutObjectVersionTagging
|
|
|
66
66
|
s3:PutStorageLensConfigurationTaggin
|
|
67
67
|
```
|
|
68
68
|
|
|
69
|
+
### Inverting Actions
|
|
70
|
+
Use this to find all actions that are not in a set of patterns
|
|
71
|
+
```bash
|
|
72
|
+
iam-expand --invert s3:Get*Tagging s3:Put*Tagging
|
|
73
|
+
#Outputs all actions that are not Get*Tagging or Put*Tagging
|
|
74
|
+
a2c:GetContainerizationJobDetails
|
|
75
|
+
a2c:GetDeploymentJobDetails
|
|
76
|
+
a2c:StartContainerizationJob
|
|
77
|
+
a2c:StartDeploymentJob
|
|
78
|
+
a4b:ApproveSkill
|
|
79
|
+
a4b:AssociateContactWithAddressBook
|
|
80
|
+
...
|
|
81
|
+
```
|
|
82
|
+
|
|
69
83
|
### Help
|
|
70
84
|
Run the command with no options to show usage:
|
|
71
85
|
```bash
|
|
@@ -85,21 +99,6 @@ iam-expand --expand-asterisk "*"
|
|
|
85
99
|
# Returns very many strings, very very fast. 📚 🚀
|
|
86
100
|
```
|
|
87
101
|
|
|
88
|
-
#### `--expand-service-asterisk`
|
|
89
|
-
By default, a service name followed by a `*` (such as `s3:*` or `lambda:*`) will not be expanded. If you want to expand these you can set this flag.
|
|
90
|
-
```bash
|
|
91
|
-
iam-expand "s3:*"
|
|
92
|
-
# Returns the service:* action
|
|
93
|
-
s3:*
|
|
94
|
-
|
|
95
|
-
iam-expand --expand-service-asterisk "s3:*"
|
|
96
|
-
# Returns all the s3 actions in order. 🪣
|
|
97
|
-
s3:AbortMultipartUpload
|
|
98
|
-
s3:AssociateAccessGrantsIdentityCenter
|
|
99
|
-
s3:BypassGovernanceRetention
|
|
100
|
-
...
|
|
101
|
-
```
|
|
102
|
-
|
|
103
102
|
#### `--error-on-invalid-format`
|
|
104
103
|
By default, if an invalid format is passed in, such as:
|
|
105
104
|
* `s3Get*Tagging` (missing a separator) or
|
|
@@ -147,6 +146,27 @@ iam-expand --invalid-action-behavior=include "ec2:DestroyAvailabilityZone"
|
|
|
147
146
|
ec2:DestroyAvailabilityZone
|
|
148
147
|
```
|
|
149
148
|
|
|
149
|
+
#### `--invert`
|
|
150
|
+
Use this to find all actions that are not in a set of patterns. Only works for actions passed as arguments, or unstructured content from stdin.
|
|
151
|
+
```bash
|
|
152
|
+
iam-expand --invert s3:Get*Tagging s3:Put*Tagging
|
|
153
|
+
#Outputs all actions that are not Get*Tagging or Put*Tagging
|
|
154
|
+
a2c:GetContainerizationJobDetails
|
|
155
|
+
a2c:GetDeploymentJobDetails
|
|
156
|
+
a2c:StartContainerizationJob
|
|
157
|
+
a2c:StartDeploymentJob
|
|
158
|
+
a4b:ApproveSkill
|
|
159
|
+
a4b:AssociateContactWithAddressBook
|
|
160
|
+
...
|
|
161
|
+
```
|
|
162
|
+
|
|
163
|
+
#### `--invert-not-actions`
|
|
164
|
+
*This operates only on JSON input*. It will recursively search the JSON document for any `NotAction` that is a string or and array of strings. The `NotAction` will be replaced with an `Action` key that is the inverse of the `NotAction` actions or patterns.
|
|
165
|
+
```bash
|
|
166
|
+
cat policy.json | iam-expand --invert-not-actions
|
|
167
|
+
```
|
|
168
|
+
See [Read from Stdin](#read-from-stdin) for more details
|
|
169
|
+
|
|
150
170
|
#### `--show-data-version`
|
|
151
171
|
Show the version of the data that is being used to expand the actions and exit.
|
|
152
172
|
|
|
@@ -238,9 +258,51 @@ Gives this file in `expanded-policy.json`
|
|
|
238
258
|
}
|
|
239
259
|
```
|
|
240
260
|
|
|
261
|
+
You can also invert the `NotAction` using `--invert-not-actions`. This will replace the `NotAction` element with an `Action` element that is the inverse of actions listed in the `NotAction`.
|
|
262
|
+
```bash
|
|
263
|
+
cat policy.json | iam-expand --invert-not-actions > inverted-policy.json
|
|
264
|
+
```
|
|
265
|
+
|
|
266
|
+
Gives this file in `inverted-policy.json`
|
|
267
|
+
```json
|
|
268
|
+
{
|
|
269
|
+
"Version": "2012-10-17",
|
|
270
|
+
"Statement": [
|
|
271
|
+
{
|
|
272
|
+
"Effect": "Allow",
|
|
273
|
+
// Was "s3:Get*Tagging"
|
|
274
|
+
"Action": [
|
|
275
|
+
"s3:GetBucketTagging",
|
|
276
|
+
"s3:GetJobTagging",
|
|
277
|
+
"s3:GetObjectTagging",
|
|
278
|
+
"s3:GetObjectVersionTagging",
|
|
279
|
+
"s3:GetStorageLensConfigurationTagging"
|
|
280
|
+
],
|
|
281
|
+
"Resource": "*"
|
|
282
|
+
},
|
|
283
|
+
{
|
|
284
|
+
"Effect": "Deny",
|
|
285
|
+
// Was NotAction: ["s3:Get*Tagging", "s3:Put*Tagging"]
|
|
286
|
+
// Now is Action: everything but the Get*Tagging and Put*Tagging actions
|
|
287
|
+
"Action": [
|
|
288
|
+
"a2c:GetContainerizationJobDetails",
|
|
289
|
+
"a2c:GetDeploymentJobDetails",
|
|
290
|
+
"a2c:StartContainerizationJob",
|
|
291
|
+
...
|
|
292
|
+
"xray:UntagResource",
|
|
293
|
+
"xray:UpdateGroup",
|
|
294
|
+
"xray:UpdateSamplingRule",
|
|
295
|
+
],
|
|
296
|
+
"Resource": "*"
|
|
297
|
+
}
|
|
298
|
+
]
|
|
299
|
+
}
|
|
300
|
+
```
|
|
301
|
+
|
|
302
|
+
|
|
241
303
|
You can also use this to expand the actions from the output of commands.
|
|
242
304
|
```bash
|
|
243
|
-
aws iam get-account-authorization-details --output json | iam-expand --
|
|
305
|
+
aws iam get-account-authorization-details --output json | iam-expand --read-wait-ms=20_000 > expanded-authorization-details.json
|
|
244
306
|
# Now you can search the output for actions you are interested in
|
|
245
307
|
grep -n "kms:DisableKey" expanded-authorization-details.json
|
|
246
308
|
```
|
|
@@ -313,7 +375,9 @@ expandIamActions(['s3:Get*Tagging', 's3:Put*Tagging'])
|
|
|
313
375
|
]
|
|
314
376
|
```
|
|
315
377
|
|
|
316
|
-
## API
|
|
378
|
+
## API Reference
|
|
379
|
+
|
|
380
|
+
## `expandIamActions`
|
|
317
381
|
`expandIamActions(actionStringOrStrings: string | string[], overrideOptions?: Partial<ExpandIamActionsOptions>)` is the main function that will expand the actions of the IAM policy. Takes a string or array of strings and returns an array of strings that the input matches.
|
|
318
382
|
|
|
319
383
|
## Only Valid Values
|
|
@@ -338,22 +402,6 @@ expandIamActions('*', { expandAsterisk: true })
|
|
|
338
402
|
//Many many strings. 🫢
|
|
339
403
|
]
|
|
340
404
|
```
|
|
341
|
-
### `expandServiceAsterisk`
|
|
342
|
-
By default, a service name followed by a `*` (such as `s3:*` or `lambda:*`) will not be expanded. If you want to expand these you can set this option to `true`.
|
|
343
|
-
|
|
344
|
-
```typescript
|
|
345
|
-
import { expandIamActions } from '@cloud-copilot/iam-expand';
|
|
346
|
-
|
|
347
|
-
//Returns the unexpanded value
|
|
348
|
-
expandIamActions('s3:*')
|
|
349
|
-
['s3:*']
|
|
350
|
-
|
|
351
|
-
//Returns the expanded value
|
|
352
|
-
expandIamActions('s3:*', { expandServiceAsterisk: true })
|
|
353
|
-
[
|
|
354
|
-
//All the s3 actions. 🫢
|
|
355
|
-
]
|
|
356
|
-
```
|
|
357
405
|
|
|
358
406
|
### `errorOnInvalidFormat`
|
|
359
407
|
By default, if an invalid format is passed in, such as:
|
|
@@ -389,7 +437,7 @@ expandIamActions('r2:Get*Tagging', { errorOnInvalidService: true })
|
|
|
389
437
|
//Uncaught Error: Service not found: r2
|
|
390
438
|
```
|
|
391
439
|
|
|
392
|
-
|
|
440
|
+
### `invalidActionBehavior`
|
|
393
441
|
By default, if an action is passed in that does not exist in the IAM data, it will be silently ignored and left out of the output. There are two options to override this behavior: `Error` and `Include`.
|
|
394
442
|
|
|
395
443
|
```typescript
|
|
@@ -412,4 +460,5 @@ expandIamActions('ec2:DestroyAvailabilityZone', { invalidActionBehavior: Invalid
|
|
|
412
460
|
['ec2:DestroyAvailabilityZone']
|
|
413
461
|
```
|
|
414
462
|
|
|
415
|
-
|
|
463
|
+
## `invertIamActions`
|
|
464
|
+
`invertIamActions(actionString: string): string` will take an action string and return all actions not matching . For example `s3:Get*Tagging` will return all actions from all services except those s3 actions that match the pattern `Get*Tagging`.
|
package/dist/cjs/cli.js
CHANGED
|
@@ -45,7 +45,7 @@ function printUsage() {
|
|
|
45
45
|
console.log(' --invert-not-actions: If JSON, replace NotAction strings or arrays with Action arrays that have the inverse actions');
|
|
46
46
|
console.log('CLI Behavior Options:');
|
|
47
47
|
console.log(' --show-data-version: Print the version of the iam-data package being used and exit');
|
|
48
|
-
console.log(' --read-wait-ms:
|
|
48
|
+
console.log(' --read-wait-ms: Milliseconds to wait for the first byte from stdin before timing out.');
|
|
49
49
|
console.log(' Example: --read-wait-ms=10_000');
|
|
50
50
|
process.exit(1);
|
|
51
51
|
}
|
|
@@ -108,7 +108,7 @@ async function run() {
|
|
|
108
108
|
warnings.push('--invert-not-actions is only supported when processing JSON, ignoring.');
|
|
109
109
|
}
|
|
110
110
|
if (options.invert) {
|
|
111
|
-
await runAndPrint(() => (0, invert_js_1.
|
|
111
|
+
await runAndPrint(() => (0, invert_js_1.invertIamActions)(actionStrings, options));
|
|
112
112
|
}
|
|
113
113
|
else {
|
|
114
114
|
await runAndPrint(() => (0, expand_js_1.expandIamActions)(actionStrings, options));
|
package/dist/cjs/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";;;AAEA,sDAA2E;AAC3E,iDAA4D;AAC5D,2CAA+C;AAC/C,
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";;;AAEA,sDAA2E;AAC3E,iDAA4D;AAC5D,2CAA+C;AAC/C,2CAA+C;AAE/C,MAAM,WAAW,GAAG,YAAY,CAAA;AAChC,MAAM,WAAW,GAAG,yBAAyB,CAAA;AAE7C;;;;GAIG;AACH,KAAK,UAAU,WAAW,CAAC,IAA6B;IACtD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,IAAI,EAAE,CAAA;QAC3B,KAAK,MAAM,MAAM,IAAI,MAAM,EAAE,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QACrB,CAAC;IACH,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;QACxB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,UAAU;IACjB,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAA;IACzD,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;IACrB,OAAO,CAAC,GAAG,CAAC,KAAK,WAAW,oCAAoC,CAAC,CAAA;IACjE,OAAO,CAAC,GAAG,CAAC,2BAA2B,WAAW,YAAY,CAAC,CAAA;IAC/D,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAA;IACxC,OAAO,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAA;IACtE,OAAO,CAAC,GAAG,CAAC,+FAA+F,CAAC,CAAA;IAC5G,OAAO,CAAC,GAAG,CAAC,wEAAwE,CAAC,CAAA;IACrF,OAAO,CAAC,GAAG,CAAC,gFAAgF,CAAC,CAAA;IAC7F,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAA;IAC9E,OAAO,CAAC,GAAG,CAAC,mEAAmE,CAAC,CAAA;IAChF,OAAO,CAAC,GAAG,CAAC,yFAAyF,CAAC,CAAA;IAEtG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAA;IACjC,OAAO,CAAC,GAAG,CAAC,oEAAoE,CAAC,CAAA;IACjF,OAAO,CAAC,GAAG,CAAC,uHAAuH,CAAC,CAAA;IAGpI,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAA;IACpC,OAAO,CAAC,GAAG,CAAC,sFAAsF,CAAC,CAAA;IACnG,OAAO,CAAC,GAAG,CAAC,yFAAyF,CAAC,CAAA;IACtG,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAA;IAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC;AAED;;;;GAIG;AACH,SAAS,aAAa,CAAC,QAAkB;IACvC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,OAAO,CAAC,IAAI,CAAC,WAAW,OAAO,EAAE,CAAC,CAAA;IACpC,CAAC;AACH,CAAC;AAED,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,gCAAgC;AACpE,MAAM,aAAa,GAAa,EAAE,CAAA;AAClC,MAAM,aAAa,GAAa,EAAE,CAAA;AAElC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,IAAG,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IACzB,CAAC;SAAM,CAAC;QACN,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IACzB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,OAAO,GAAG,IAAA,6BAAc,EAAC,aAAa,CAAC,CAAA;IAC7C,IAAG,OAAO,CAAC,eAAe,EAAE,CAAC;QAC3B,MAAM,OAAO,GAAG,MAAM,IAAA,yBAAc,GAAE,CAAA;QACtC,MAAM,SAAS,GAAG,MAAM,IAAA,2BAAgB,GAAE,CAAA;QAC1C,OAAO,CAAC,GAAG,CAAC,GAAG,WAAW,aAAa,OAAO,EAAE,CAAC,CAAA;QACjD,OAAO,CAAC,GAAG,CAAC,sBAAsB,MAAM,IAAA,2BAAgB,GAAE,EAAE,CAAC,CAAA;QAC7D,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAA;QAClC,OAAO,CAAC,GAAG,CAAC,gBAAgB,WAAW,EAAE,CAAC,CAAA;QAC1C,OAAO,CAAC,GAAG,CAAC,mBAAmB,WAAW,EAAE,CAAC,CAAA;QAC7C,OAAM;IACR,CAAC;IAED,MAAM,QAAQ,GAAa,EAAE,CAAA;IAE7B,IAAG,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9B,6CAA6C;QAC7C,MAAM,WAAW,GAAG,MAAM,IAAA,yBAAU,EAAC,OAAO,CAAC,CAAA;QAC7C,IAAG,WAAW,CAAC,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;YACxD,IAAG,OAAO,CAAC,MAAM,EAAE,CAAC;gBAClB,aAAa,CAAC,CAAC,+FAA+F,CAAC,CAAC,CAAA;YAClH,CAAC;YACD,OAAM;QACR,CAAC;aAAM,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;YAC/B,MAAM,YAAY,GAAG,WAAW,CAAC,OAAO,CAAA;YACxC,IAAG,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC3B,IAAG,OAAO,CAAC,cAAc,EAAE,CAAC;oBAC1B,QAAQ,CAAC,IAAI,CAAC,uEAAuE,CAAC,CAAA;gBACxF,CAAC;YACH,CAAC;YACD,aAAa,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAA;QACrC,CAAC;IACH,CAAC;IAED,IAAG,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,IAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC;YAC5B,QAAQ,CAAC,IAAI,CAAC,wEAAwE,CAAC,CAAA;QACzF,CAAC;QACD,IAAG,OAAO,CAAC,MAAM,EAAE,CAAC;YAClB,MAAM,WAAW,CAAC,GAAG,EAAE,CAAC,IAAA,4BAAgB,EAAC,aAAa,EAAE,OAAO,CAAC,CAAC,CAAA;QACnE,CAAC;aAAM,CAAC;YACN,MAAM,WAAW,CAAC,GAAG,EAAE,CAAC,IAAA,4BAAgB,EAAC,aAAa,EAAE,OAAO,CAAC,CAAC,CAAA;QACnE,CAAC;QAED,aAAa,CAAC,QAAQ,CAAC,CAAA;QACvB,OAAM;IACR,CAAC;IAED,UAAU,EAAE,CAAA;AACd,CAAC;AAED,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IAChB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA"}
|
package/dist/cjs/expand_file.js
CHANGED
|
@@ -31,7 +31,7 @@ async function expandJsonDocument(options, document, key) {
|
|
|
31
31
|
}
|
|
32
32
|
if (typeof document === 'object' && document !== null) {
|
|
33
33
|
if (options.invertNotActions && document.NotAction && isStringOrArrayofStrings(document.NotAction)) {
|
|
34
|
-
document.Action = (0, invert_js_1.
|
|
34
|
+
document.Action = (0, invert_js_1.invertIamActions)(document.NotAction);
|
|
35
35
|
delete document.NotAction;
|
|
36
36
|
}
|
|
37
37
|
for (const key of Object.keys(document)) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"expand_file.js","sourceRoot":"","sources":["../../src/expand_file.ts"],"names":[],"mappings":";;AAoBA,gDA+BC;AAnDD,2CAAwE;AACxE,
|
|
1
|
+
{"version":3,"file":"expand_file.js","sourceRoot":"","sources":["../../src/expand_file.ts"],"names":[],"mappings":";;AAoBA,gDA+BC;AAnDD,2CAAwE;AACxE,2CAA+C;AAM/C,MAAM,cAAc,GAAwD;IAC1E,gBAAgB,EAAE,KAAK;CACxB,CAAA;AAED;;;;;;;;GAQG;AACI,KAAK,UAAU,kBAAkB,CAAC,OAA2C,EAAE,QAAa,EAAE,GAAY;IAC/G,OAAO,GAAG,EAAC,GAAG,cAAc,EAAE,GAAG,OAAO,EAAC,CAAC;IAE1C,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,WAAW,EAAE,CAAC;QAC5C,IAAI,wBAAwB,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvC,OAAO,IAAA,4BAAgB,EAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,EAAE,CAAC;QACnB,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;YAC5B,OAAO,CAAC,IAAI,CAAC,MAAM,kBAAkB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;QACxD,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QACtD,IAAG,OAAO,CAAC,gBAAgB,IAAI,QAAQ,CAAC,SAAS,IAAI,wBAAwB,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAClG,QAAQ,CAAC,MAAM,GAAG,IAAA,4BAAgB,EAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;YACtD,OAAO,QAAQ,CAAC,SAAS,CAAA;QAC3B,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACxC,QAAQ,CAAC,GAAG,CAAC,GAAG,MAAM,kBAAkB,CAAC,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QACxE,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;GAKG;AACH,SAAS,wBAAwB,CAAC,KAAU;IAC1C,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC;AACjH,CAAC"}
|
package/dist/cjs/index.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
export { extractActionsFromLineOfInput } from './cli_utils.js';
|
|
2
|
-
export { ExpandIamActionsOptions, InvalidActionBehavior
|
|
3
|
-
export { expandJsonDocument } from './expand_file.js';
|
|
2
|
+
export { expandIamActions, type ExpandIamActionsOptions, type InvalidActionBehavior } from './expand.js';
|
|
3
|
+
export { expandJsonDocument, type ExpandJsonDocumentOptions } from './expand_file.js';
|
|
4
|
+
export { invertIamActions as invert } from './invert.js';
|
|
4
5
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/cjs/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,MAAM,gBAAgB,CAAC;AAC/D,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,MAAM,gBAAgB,CAAC;AAC/D,OAAO,EAAE,gBAAgB,EAAE,KAAK,uBAAuB,EAAE,KAAK,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACzG,OAAO,EAAE,kBAAkB,EAAE,KAAK,yBAAyB,EAAE,MAAM,kBAAkB,CAAC;AACtF,OAAO,EAAE,gBAAgB,IAAI,MAAM,EAAE,MAAM,aAAa,CAAC"}
|
package/dist/cjs/index.js
CHANGED
|
@@ -1,11 +1,12 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.invert = exports.expandJsonDocument = exports.expandIamActions = exports.extractActionsFromLineOfInput = void 0;
|
|
4
4
|
var cli_utils_js_1 = require("./cli_utils.js");
|
|
5
5
|
Object.defineProperty(exports, "extractActionsFromLineOfInput", { enumerable: true, get: function () { return cli_utils_js_1.extractActionsFromLineOfInput; } });
|
|
6
6
|
var expand_js_1 = require("./expand.js");
|
|
7
|
-
Object.defineProperty(exports, "InvalidActionBehavior", { enumerable: true, get: function () { return expand_js_1.InvalidActionBehavior; } });
|
|
8
7
|
Object.defineProperty(exports, "expandIamActions", { enumerable: true, get: function () { return expand_js_1.expandIamActions; } });
|
|
9
8
|
var expand_file_js_1 = require("./expand_file.js");
|
|
10
9
|
Object.defineProperty(exports, "expandJsonDocument", { enumerable: true, get: function () { return expand_file_js_1.expandJsonDocument; } });
|
|
10
|
+
var invert_js_1 = require("./invert.js");
|
|
11
|
+
Object.defineProperty(exports, "invert", { enumerable: true, get: function () { return invert_js_1.invertIamActions; } });
|
|
11
12
|
//# sourceMappingURL=index.js.map
|
package/dist/cjs/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;AAAA,+CAA+D;AAAtD,6HAAA,6BAA6B,OAAA;AACtC,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":";;;AAAA,+CAA+D;AAAtD,6HAAA,6BAA6B,OAAA;AACtC,yCAAyG;AAAhG,6GAAA,gBAAgB,OAAA;AACzB,mDAAsF;AAA7E,oHAAA,kBAAkB,OAAA;AAC3B,yCAAyD;AAAhD,mGAAA,gBAAgB,OAAU"}
|
package/dist/cjs/invert.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
export interface InvertIamActionsOptions {
|
|
2
2
|
}
|
|
3
|
-
export declare function
|
|
3
|
+
export declare function invertIamActions(actionStringOrStrings: string | string[], overrideOptions?: Partial<InvertIamActionsOptions>): Promise<string[]>;
|
|
4
4
|
//# sourceMappingURL=invert.d.ts.map
|
package/dist/cjs/invert.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"invert.d.ts","sourceRoot":"","sources":["../../src/invert.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,uBAAuB;CACvC;AAID,wBAAsB,
|
|
1
|
+
{"version":3,"file":"invert.d.ts","sourceRoot":"","sources":["../../src/invert.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,uBAAuB;CACvC;AAID,wBAAsB,gBAAgB,CAAC,qBAAqB,EAAE,MAAM,GAAG,MAAM,EAAE,EAAE,eAAe,CAAC,EAAE,OAAO,CAAC,uBAAuB,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAoDtJ"}
|
package/dist/cjs/invert.js
CHANGED
|
@@ -1,10 +1,10 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.
|
|
3
|
+
exports.invertIamActions = invertIamActions;
|
|
4
4
|
const iam_data_1 = require("@cloud-copilot/iam-data");
|
|
5
5
|
const util_js_1 = require("./util.js");
|
|
6
6
|
const defaultOptions = {};
|
|
7
|
-
async function
|
|
7
|
+
async function invertIamActions(actionStringOrStrings, overrideOptions) {
|
|
8
8
|
const options = { ...defaultOptions, ...overrideOptions };
|
|
9
9
|
if (!actionStringOrStrings) {
|
|
10
10
|
throw new Error('at least one action must be provided to invert');
|
package/dist/cjs/invert.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"invert.js","sourceRoot":"","sources":["../../src/invert.ts"],"names":[],"mappings":";;AAQA,
|
|
1
|
+
{"version":3,"file":"invert.js","sourceRoot":"","sources":["../../src/invert.ts"],"names":[],"mappings":";;AAQA,4CAoDC;AA5DD,sDAA8E;AAC9E,uCAAuE;AAKvE,MAAM,cAAc,GAA4B,EAAE,CAAA;AAE3C,KAAK,UAAU,gBAAgB,CAAC,qBAAwC,EAAE,eAAkD;IACjI,MAAM,OAAO,GAAG,EAAC,GAAG,cAAc,EAAE,GAAG,eAAe,EAAC,CAAA;IAEvD,IAAG,CAAC,qBAAqB,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAA;IACnE,CAAC;IAED,IAAI,eAAe,GAAG,KAAK,CAAA;IAC3B,MAAM,iBAAiB,GAAG,IAAI,GAAG,EAAU,CAAA;IAC3C,MAAM,eAAe,GAA6B,EAAE,CAAA;IAEpD,MAAM,eAAe,GAAG,KAAK,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAA;IAC9G,KAAI,MAAM,MAAM,IAAI,eAAe,EAAE,CAAC;QACpC,IAAG,MAAM,CAAC,KAAK,CAAC,6BAAmB,CAAC,EAAE,CAAC;YACrC,eAAe,GAAG,IAAI,CAAA;YACtB,MAAM;QACR,CAAC;QACD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC/B,IAAG,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,SAAS;QACX,CAAC;QACD,MAAM,CAAC,OAAO,EAAE,eAAe,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAA;QACxE,IAAG,eAAe,CAAC,KAAK,CAAC,6BAAmB,CAAC,EAAE,CAAC;YAC9C,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;YAC9B,SAAS;QACX,CAAC;QACD,IAAG,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7B,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,CAAA;QAC/B,CAAC;QACD,eAAe,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAA,gCAAsB,EAAC,eAAe,CAAC,CAAC,CAAA;IACxE,CAAC;IAED,IAAG,eAAe,EAAE,CAAC;QACnB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,IAAA,yBAAc,GAAE,CAAA;IAC1C,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,EAAE,EAAE;QACzE,IAAG,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;YACrC,OAAO,EAAE,CAAA;QACX,CAAC;QACD,MAAM,cAAc,GAAG,MAAM,IAAA,+BAAoB,EAAC,UAAU,CAAC,CAAA;QAC7D,MAAM,yBAAyB,GAAG,eAAe,CAAC,UAAU,CAAC,IAAI,EAAE,CAAA;QACnE,IAAG,yBAAyB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,OAAO,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,UAAU,IAAI,MAAM,EAAE,CAAC,CAAA;QAChE,CAAC;QACD,OAAO,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE;YACpC,OAAO,CAAC,yBAAyB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAA;QAC1E,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,UAAU,IAAI,MAAM,EAAE,CAAC,CAAA;IAC7C,CAAC,CAAC,CAAC,CAAA;IAEH,OAAQ,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;AACxD,CAAC"}
|
package/dist/esm/cli.js
CHANGED
|
@@ -2,7 +2,7 @@
|
|
|
2
2
|
import { iamDataUpdatedAt, iamDataVersion } from "@cloud-copilot/iam-data";
|
|
3
3
|
import { convertOptions, parseStdIn } from "./cli_utils.js";
|
|
4
4
|
import { expandIamActions } from "./expand.js";
|
|
5
|
-
import {
|
|
5
|
+
import { invertIamActions } from "./invert.js";
|
|
6
6
|
const commandName = 'iam-expand';
|
|
7
7
|
const dataPackage = '@cloud-copilot/iam-data';
|
|
8
8
|
/**
|
|
@@ -43,7 +43,7 @@ function printUsage() {
|
|
|
43
43
|
console.log(' --invert-not-actions: If JSON, replace NotAction strings or arrays with Action arrays that have the inverse actions');
|
|
44
44
|
console.log('CLI Behavior Options:');
|
|
45
45
|
console.log(' --show-data-version: Print the version of the iam-data package being used and exit');
|
|
46
|
-
console.log(' --read-wait-ms:
|
|
46
|
+
console.log(' --read-wait-ms: Milliseconds to wait for the first byte from stdin before timing out.');
|
|
47
47
|
console.log(' Example: --read-wait-ms=10_000');
|
|
48
48
|
process.exit(1);
|
|
49
49
|
}
|
|
@@ -106,7 +106,7 @@ async function run() {
|
|
|
106
106
|
warnings.push('--invert-not-actions is only supported when processing JSON, ignoring.');
|
|
107
107
|
}
|
|
108
108
|
if (options.invert) {
|
|
109
|
-
await runAndPrint(() =>
|
|
109
|
+
await runAndPrint(() => invertIamActions(actionStrings, options));
|
|
110
110
|
}
|
|
111
111
|
else {
|
|
112
112
|
await runAndPrint(() => expandIamActions(actionStrings, options));
|
package/dist/esm/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAC3E,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAC3E,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,gBAAgB,CAAC;AAC5D,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE/C,MAAM,WAAW,GAAG,YAAY,CAAA;AAChC,MAAM,WAAW,GAAG,yBAAyB,CAAA;AAE7C;;;;GAIG;AACH,KAAK,UAAU,WAAW,CAAC,IAA6B;IACtD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,IAAI,EAAE,CAAA;QAC3B,KAAK,MAAM,MAAM,IAAI,MAAM,EAAE,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;QACrB,CAAC;IACH,CAAC;IAAC,OAAO,CAAM,EAAE,CAAC;QAChB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAA;QACxB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,UAAU;IACjB,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAA;IACzD,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;IACrB,OAAO,CAAC,GAAG,CAAC,KAAK,WAAW,oCAAoC,CAAC,CAAA;IACjE,OAAO,CAAC,GAAG,CAAC,2BAA2B,WAAW,YAAY,CAAC,CAAA;IAC/D,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAA;IACxC,OAAO,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAA;IACtE,OAAO,CAAC,GAAG,CAAC,+FAA+F,CAAC,CAAA;IAC5G,OAAO,CAAC,GAAG,CAAC,wEAAwE,CAAC,CAAA;IACrF,OAAO,CAAC,GAAG,CAAC,gFAAgF,CAAC,CAAA;IAC7F,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAA;IAC9E,OAAO,CAAC,GAAG,CAAC,mEAAmE,CAAC,CAAA;IAChF,OAAO,CAAC,GAAG,CAAC,yFAAyF,CAAC,CAAA;IAEtG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAA;IACjC,OAAO,CAAC,GAAG,CAAC,oEAAoE,CAAC,CAAA;IACjF,OAAO,CAAC,GAAG,CAAC,uHAAuH,CAAC,CAAA;IAGpI,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAA;IACpC,OAAO,CAAC,GAAG,CAAC,sFAAsF,CAAC,CAAA;IACnG,OAAO,CAAC,GAAG,CAAC,yFAAyF,CAAC,CAAA;IACtG,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAA;IAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC;AAED;;;;GAIG;AACH,SAAS,aAAa,CAAC,QAAkB;IACvC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,OAAO,CAAC,IAAI,CAAC,WAAW,OAAO,EAAE,CAAC,CAAA;IACpC,CAAC;AACH,CAAC;AAED,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,gCAAgC;AACpE,MAAM,aAAa,GAAa,EAAE,CAAA;AAClC,MAAM,aAAa,GAAa,EAAE,CAAA;AAElC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,IAAG,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IACzB,CAAC;SAAM,CAAC;QACN,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IACzB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,GAAG;IAChB,MAAM,OAAO,GAAG,cAAc,CAAC,aAAa,CAAC,CAAA;IAC7C,IAAG,OAAO,CAAC,eAAe,EAAE,CAAC;QAC3B,MAAM,OAAO,GAAG,MAAM,cAAc,EAAE,CAAA;QACtC,MAAM,SAAS,GAAG,MAAM,gBAAgB,EAAE,CAAA;QAC1C,OAAO,CAAC,GAAG,CAAC,GAAG,WAAW,aAAa,OAAO,EAAE,CAAC,CAAA;QACjD,OAAO,CAAC,GAAG,CAAC,sBAAsB,MAAM,gBAAgB,EAAE,EAAE,CAAC,CAAA;QAC7D,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAA;QAClC,OAAO,CAAC,GAAG,CAAC,gBAAgB,WAAW,EAAE,CAAC,CAAA;QAC1C,OAAO,CAAC,GAAG,CAAC,mBAAmB,WAAW,EAAE,CAAC,CAAA;QAC7C,OAAM;IACR,CAAC;IAED,MAAM,QAAQ,GAAa,EAAE,CAAA;IAE7B,IAAG,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9B,6CAA6C;QAC7C,MAAM,WAAW,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,CAAA;QAC7C,IAAG,WAAW,CAAC,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;YACxD,IAAG,OAAO,CAAC,MAAM,EAAE,CAAC;gBAClB,aAAa,CAAC,CAAC,+FAA+F,CAAC,CAAC,CAAA;YAClH,CAAC;YACD,OAAM;QACR,CAAC;aAAM,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;YAC/B,MAAM,YAAY,GAAG,WAAW,CAAC,OAAO,CAAA;YACxC,IAAG,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC3B,IAAG,OAAO,CAAC,cAAc,EAAE,CAAC;oBAC1B,QAAQ,CAAC,IAAI,CAAC,uEAAuE,CAAC,CAAA;gBACxF,CAAC;YACH,CAAC;YACD,aAAa,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAA;QACrC,CAAC;IACH,CAAC;IAED,IAAG,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,IAAG,OAAO,CAAC,gBAAgB,EAAE,CAAC;YAC5B,QAAQ,CAAC,IAAI,CAAC,wEAAwE,CAAC,CAAA;QACzF,CAAC;QACD,IAAG,OAAO,CAAC,MAAM,EAAE,CAAC;YAClB,MAAM,WAAW,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC,CAAA;QACnE,CAAC;aAAM,CAAC;YACN,MAAM,WAAW,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC,CAAA;QACnE,CAAC;QAED,aAAa,CAAC,QAAQ,CAAC,CAAA;QACvB,OAAM;IACR,CAAC;IAED,UAAU,EAAE,CAAA;AACd,CAAC;AAED,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IAChB,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA"}
|
package/dist/esm/expand_file.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { expandIamActions } from "./expand.js";
|
|
2
|
-
import {
|
|
2
|
+
import { invertIamActions } from "./invert.js";
|
|
3
3
|
const defaultOptions = {
|
|
4
4
|
invertNotActions: false
|
|
5
5
|
};
|
|
@@ -28,7 +28,7 @@ export async function expandJsonDocument(options, document, key) {
|
|
|
28
28
|
}
|
|
29
29
|
if (typeof document === 'object' && document !== null) {
|
|
30
30
|
if (options.invertNotActions && document.NotAction && isStringOrArrayofStrings(document.NotAction)) {
|
|
31
|
-
document.Action =
|
|
31
|
+
document.Action = invertIamActions(document.NotAction);
|
|
32
32
|
delete document.NotAction;
|
|
33
33
|
}
|
|
34
34
|
for (const key of Object.keys(document)) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"expand_file.js","sourceRoot":"","sources":["../../src/expand_file.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAA2B,MAAM,aAAa,CAAC;AACxE,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"expand_file.js","sourceRoot":"","sources":["../../src/expand_file.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAA2B,MAAM,aAAa,CAAC;AACxE,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAM/C,MAAM,cAAc,GAAwD;IAC1E,gBAAgB,EAAE,KAAK;CACxB,CAAA;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,OAA2C,EAAE,QAAa,EAAE,GAAY;IAC/G,OAAO,GAAG,EAAC,GAAG,cAAc,EAAE,GAAG,OAAO,EAAC,CAAC;IAE1C,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,WAAW,EAAE,CAAC;QAC5C,IAAI,wBAAwB,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvC,OAAO,gBAAgB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,EAAE,CAAC;QACnB,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;YAC5B,OAAO,CAAC,IAAI,CAAC,MAAM,kBAAkB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC;QACxD,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QACtD,IAAG,OAAO,CAAC,gBAAgB,IAAI,QAAQ,CAAC,SAAS,IAAI,wBAAwB,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAClG,QAAQ,CAAC,MAAM,GAAG,gBAAgB,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;YACtD,OAAO,QAAQ,CAAC,SAAS,CAAA;QAC3B,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACxC,QAAQ,CAAC,GAAG,CAAC,GAAG,MAAM,kBAAkB,CAAC,OAAO,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC;QACxE,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;GAKG;AACH,SAAS,wBAAwB,CAAC,KAAU;IAC1C,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC;AACjH,CAAC"}
|
package/dist/esm/index.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
export { extractActionsFromLineOfInput } from './cli_utils.js';
|
|
2
|
-
export { ExpandIamActionsOptions, InvalidActionBehavior
|
|
3
|
-
export { expandJsonDocument } from './expand_file.js';
|
|
2
|
+
export { expandIamActions, type ExpandIamActionsOptions, type InvalidActionBehavior } from './expand.js';
|
|
3
|
+
export { expandJsonDocument, type ExpandJsonDocumentOptions } from './expand_file.js';
|
|
4
|
+
export { invertIamActions as invert } from './invert.js';
|
|
4
5
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/esm/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,MAAM,gBAAgB,CAAC;AAC/D,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,MAAM,gBAAgB,CAAC;AAC/D,OAAO,EAAE,gBAAgB,EAAE,KAAK,uBAAuB,EAAE,KAAK,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACzG,OAAO,EAAE,kBAAkB,EAAE,KAAK,yBAAyB,EAAE,MAAM,kBAAkB,CAAC;AACtF,OAAO,EAAE,gBAAgB,IAAI,MAAM,EAAE,MAAM,aAAa,CAAC"}
|
package/dist/esm/index.js
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
export { extractActionsFromLineOfInput } from './cli_utils.js';
|
|
2
|
-
export {
|
|
2
|
+
export { expandIamActions } from './expand.js';
|
|
3
3
|
export { expandJsonDocument } from './expand_file.js';
|
|
4
|
+
export { invertIamActions as invert } from './invert.js';
|
|
4
5
|
//# sourceMappingURL=index.js.map
|
package/dist/esm/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,MAAM,gBAAgB,CAAC;AAC/D,OAAO,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,6BAA6B,EAAE,MAAM,gBAAgB,CAAC;AAC/D,OAAO,EAAE,gBAAgB,EAA4D,MAAM,aAAa,CAAC;AACzG,OAAO,EAAE,kBAAkB,EAAkC,MAAM,kBAAkB,CAAC;AACtF,OAAO,EAAE,gBAAgB,IAAI,MAAM,EAAE,MAAM,aAAa,CAAC"}
|
package/dist/esm/invert.d.ts
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
1
|
export interface InvertIamActionsOptions {
|
|
2
2
|
}
|
|
3
|
-
export declare function
|
|
3
|
+
export declare function invertIamActions(actionStringOrStrings: string | string[], overrideOptions?: Partial<InvertIamActionsOptions>): Promise<string[]>;
|
|
4
4
|
//# sourceMappingURL=invert.d.ts.map
|
package/dist/esm/invert.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"invert.d.ts","sourceRoot":"","sources":["../../src/invert.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,uBAAuB;CACvC;AAID,wBAAsB,
|
|
1
|
+
{"version":3,"file":"invert.d.ts","sourceRoot":"","sources":["../../src/invert.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,uBAAuB;CACvC;AAID,wBAAsB,gBAAgB,CAAC,qBAAqB,EAAE,MAAM,GAAG,MAAM,EAAE,EAAE,eAAe,CAAC,EAAE,OAAO,CAAC,uBAAuB,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAoDtJ"}
|
package/dist/esm/invert.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
import { iamActionsForService, iamServiceKeys } from "@cloud-copilot/iam-data";
|
|
2
2
|
import { allAsterisksPattern, convertStringToPattern } from "./util.js";
|
|
3
3
|
const defaultOptions = {};
|
|
4
|
-
export async function
|
|
4
|
+
export async function invertIamActions(actionStringOrStrings, overrideOptions) {
|
|
5
5
|
const options = { ...defaultOptions, ...overrideOptions };
|
|
6
6
|
if (!actionStringOrStrings) {
|
|
7
7
|
throw new Error('at least one action must be provided to invert');
|
package/dist/esm/invert.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"invert.js","sourceRoot":"","sources":["../../src/invert.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAC9E,OAAO,EAAE,mBAAmB,EAAE,sBAAsB,EAAE,MAAM,WAAW,CAAA;AAKvE,MAAM,cAAc,GAA4B,EAAE,CAAA;AAElD,MAAM,CAAC,KAAK,UAAU,
|
|
1
|
+
{"version":3,"file":"invert.js","sourceRoot":"","sources":["../../src/invert.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,oBAAoB,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAA;AAC9E,OAAO,EAAE,mBAAmB,EAAE,sBAAsB,EAAE,MAAM,WAAW,CAAA;AAKvE,MAAM,cAAc,GAA4B,EAAE,CAAA;AAElD,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,qBAAwC,EAAE,eAAkD;IACjI,MAAM,OAAO,GAAG,EAAC,GAAG,cAAc,EAAE,GAAG,eAAe,EAAC,CAAA;IAEvD,IAAG,CAAC,qBAAqB,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,gDAAgD,CAAC,CAAA;IACnE,CAAC;IAED,IAAI,eAAe,GAAG,KAAK,CAAA;IAC3B,MAAM,iBAAiB,GAAG,IAAI,GAAG,EAAU,CAAA;IAC3C,MAAM,eAAe,GAA6B,EAAE,CAAA;IAEpD,MAAM,eAAe,GAAG,KAAK,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAA;IAC9G,KAAI,MAAM,MAAM,IAAI,eAAe,EAAE,CAAC;QACpC,IAAG,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,EAAE,CAAC;YACrC,eAAe,GAAG,IAAI,CAAA;YACtB,MAAM;QACR,CAAC;QACD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QAC/B,IAAG,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,SAAS;QACX,CAAC;QACD,MAAM,CAAC,OAAO,EAAE,eAAe,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAA;QACxE,IAAG,eAAe,CAAC,KAAK,CAAC,mBAAmB,CAAC,EAAE,CAAC;YAC9C,iBAAiB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAA;YAC9B,SAAS;QACX,CAAC;QACD,IAAG,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7B,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,CAAA;QAC/B,CAAC;QACD,eAAe,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,eAAe,CAAC,CAAC,CAAA;IACxE,CAAC;IAED,IAAG,eAAe,EAAE,CAAC;QACnB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,cAAc,EAAE,CAAA;IAC1C,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,KAAK,EAAE,UAAU,EAAE,EAAE;QACzE,IAAG,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;YACrC,OAAO,EAAE,CAAA;QACX,CAAC;QACD,MAAM,cAAc,GAAG,MAAM,oBAAoB,CAAC,UAAU,CAAC,CAAA;QAC7D,MAAM,yBAAyB,GAAG,eAAe,CAAC,UAAU,CAAC,IAAI,EAAE,CAAA;QACnE,IAAG,yBAAyB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1C,OAAO,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,UAAU,IAAI,MAAM,EAAE,CAAC,CAAA;QAChE,CAAC;QACD,OAAO,cAAc,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE;YACpC,OAAO,CAAC,yBAAyB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAA;QAC1E,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,UAAU,IAAI,MAAM,EAAE,CAAC,CAAA;IAC7C,CAAC,CAAC,CAAC,CAAA;IAEH,OAAQ,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;AACxD,CAAC"}
|