@cloud-copilot/iam-lens 0.1.12 → 0.1.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/canWhat/canWhat.d.ts +10 -0
- package/dist/cjs/canWhat/canWhat.d.ts.map +1 -0
- package/dist/cjs/canWhat/canWhat.js +61 -0
- package/dist/cjs/canWhat/canWhat.js.map +1 -0
- package/dist/cjs/canWhat/permission.d.ts +54 -0
- package/dist/cjs/canWhat/permission.d.ts.map +1 -0
- package/dist/cjs/canWhat/permission.js +749 -0
- package/dist/cjs/canWhat/permission.js.map +1 -0
- package/dist/cjs/canWhat/permissionSet.d.ts +59 -0
- package/dist/cjs/canWhat/permissionSet.d.ts.map +1 -0
- package/dist/cjs/canWhat/permissionSet.js +296 -0
- package/dist/cjs/canWhat/permissionSet.js.map +1 -0
- package/dist/cjs/cli.js +28 -0
- package/dist/cjs/cli.js.map +1 -1
- package/dist/esm/canWhat/canWhat.d.ts +10 -0
- package/dist/esm/canWhat/canWhat.d.ts.map +1 -0
- package/dist/esm/canWhat/canWhat.js +58 -0
- package/dist/esm/canWhat/canWhat.js.map +1 -0
- package/dist/esm/canWhat/permission.d.ts +54 -0
- package/dist/esm/canWhat/permission.d.ts.map +1 -0
- package/dist/esm/canWhat/permission.js +737 -0
- package/dist/esm/canWhat/permission.js.map +1 -0
- package/dist/esm/canWhat/permissionSet.d.ts +59 -0
- package/dist/esm/canWhat/permissionSet.d.ts.map +1 -0
- package/dist/esm/canWhat/permissionSet.js +288 -0
- package/dist/esm/canWhat/permissionSet.js.map +1 -0
- package/dist/esm/cli.js +28 -0
- package/dist/esm/cli.js.map +1 -1
- package/package.json +3 -1
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"permission.js","sourceRoot":"","sources":["../../../src/canWhat/permission.ts"],"names":[],"mappings":"AAIA;;GAEG;AACH,SAAS,eAAe,CAAC,OAAe;IACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,sBAAsB,EAAE,MAAM,CAAC,CAAC,CAAA;IACtF,OAAO,IAAI,MAAM,CAAC,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAA;AACjD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,OAAO,UAAU;IACrB,YACkB,MAAwB,EACxB,OAAe,EACf,MAAc,EACd,QAA8B,EAC9B,WAAiC,EACjC,UAAgE;QALhE,WAAM,GAAN,MAAM,CAAkB;QACxB,YAAO,GAAP,OAAO,CAAQ;QACf,WAAM,GAAN,MAAM,CAAQ;QACd,aAAQ,GAAR,QAAQ,CAAsB;QAC9B,gBAAW,GAAX,WAAW,CAAsB;QACjC,eAAU,GAAV,UAAU,CAAsD;QAEhF,IAAI,QAAQ,KAAK,SAAS,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YACxD,MAAM,IAAI,KAAK,CAAC,2DAA2D,CAAC,CAAA;QAC9E,CAAC;aAAM,IAAI,QAAQ,KAAK,SAAS,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YAC/D,MAAM,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAA;QACzF,CAAC;IACH,CAAC;IAED;;;OAGG;IACI,QAAQ,CAAC,KAAiB;QAC/B,6CAA6C;QAC7C,IACE,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM;YAC5B,IAAI,CAAC,OAAO,KAAK,KAAK,CAAC,OAAO;YAC9B,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,EAC5B,CAAC;YACD,OAAO,KAAK,CAAA;QACd,CAAC;QAED,8FAA8F;QAC9F,mGAAmG;QACnG,+DAA+D;QAC/D,MAAM,MAAM,GAAG,sBAAsB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC,CAAA;QAC5D,MAAM,MAAM,GAAG,sBAAsB,CAAC,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC,CAAA;QAC7D,KAAK,MAAM,EAAE,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YACrC,IAAI,CAAC,CAAC,EAAE,IAAI,MAAM,CAAC;gBAAE,OAAO,KAAK,CAAA;YACjC,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;YACrC,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAA;YACrC,kCAAkC;YAClC,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;gBACxB,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;oBAAE,OAAO,KAAK,CAAA;gBACtC,MAAM,KAAK,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAA;gBAC7B,MAAM,KAAK,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAA;gBAC7B,MAAM,MAAM,GAAG,qBAAqB,CAAC,EAAE,CAAC,CAAA;gBACxC,QAAQ,MAAM,EAAE,CAAC;oBACf,KAAK,cAAc,CAAC;oBACpB,KAAK,YAAY,CAAC;oBAClB,KAAK,WAAW,CAAC;oBACjB,KAAK,SAAS;wBACZ,yDAAyD;wBACzD,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;4BAAE,OAAO,KAAK,CAAA;wBACxD,MAAK;oBACP,KAAK,iBAAiB,CAAC;oBACvB,KAAK,eAAe,CAAC;oBACrB,KAAK,cAAc,CAAC;oBACpB,KAAK,YAAY;wBACf,+DAA+D;wBAC/D,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;4BAAE,OAAO,KAAK,CAAA;wBACxD,MAAK;oBACP,KAAK,iBAAiB,CAAC;oBACvB,KAAK,uBAAuB;wBAC1B,kCAAkC;wBAClC,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;wBAC7B,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;wBAC7B,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC;4BAAE,OAAO,KAAK,CAAA;wBAC5C,IAAI,IAAI,GAAG,IAAI;4BAAE,OAAO,KAAK,CAAA;wBAC7B,MAAK;oBACP,KAAK,oBAAoB,CAAC;oBAC1B,KAAK,0BAA0B;wBAC7B,kCAAkC;wBAClC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;wBAC5B,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;wBAC5B,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC;4BAAE,OAAO,KAAK,CAAA;wBAC1C,IAAI,GAAG,GAAG,GAAG;4BAAE,OAAO,KAAK,CAAA;wBAC3B,MAAK;oBACP,KAAK,MAAM;wBACT,yCAAyC;wBACzC,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,CAAC;4BAAE,OAAO,KAAK,CAAA;wBACvC,MAAK;oBACP,KAAK,WAAW,CAAC;oBACjB,KAAK,cAAc;wBACjB,sDAAsD;wBACtD,KAAK,MAAM,KAAK,IAAI,KAAK,EAAE,CAAC;4BAC1B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,KAAK,KAAK,CAAC,EAAE,CAAC;gCAC5C,OAAO,KAAK,CAAA;4BACd,CAAC;wBACH,CAAC;wBACD,MAAK;oBACP,KAAK,cAAc,CAAC;oBACpB,KAAK,oBAAoB;wBACvB,0CAA0C;wBAC1C,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;wBACnB,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;wBACnB,IAAI,EAAE,GAAG,EAAE;4BAAE,OAAO,KAAK,CAAA;wBACzB,MAAK;oBACP,KAAK,iBAAiB,CAAC;oBACvB,KAAK,uBAAuB;wBAC1B,0BAA0B;wBAC1B,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;wBACpB,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;wBACpB,IAAI,GAAG,GAAG,GAAG;4BAAE,OAAO,KAAK,CAAA;wBAC3B,MAAK;oBACP;wBACE,OAAO,KAAK,CAAA;gBAChB,CAAC;YACH,CAAC;QACH,CAAC;QAED,8BAA8B;QAE9B,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAA;QAClC,MAAM,eAAe,GAAG,IAAI,CAAC,WAAW,CAAA;QACxC,MAAM,aAAa,GAAG,KAAK,CAAC,QAAQ,CAAA;QACpC,MAAM,gBAAgB,GAAG,KAAK,CAAC,WAAW,CAAA;QAE1C,8BAA8B;QAC9B,IAAI,YAAY,KAAK,SAAS,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;YAC9D,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;QAC7F,CAAC;QACD,8BAA8B;QAC9B,IAAI,eAAe,KAAK,SAAS,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACpE,OAAO,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAClC,gBAAgB,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAC5D,CAAA;QACH,CAAC;QAED,qHAAqH;QACrH,IAAI,YAAY,KAAK,SAAS,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACjE,OAAO,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;QAChG,CAAC;QAED,kDAAkD;QAClD,IAAI,eAAe,KAAK,SAAS,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;YACjE,OAAO,aAAa,CAAC,KAAK,CACxB,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CACpE,CAAA;QACH,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;;OAKG;IACI,KAAK,CAAC,KAAiB;QAC5B,6CAA6C;QAC7C,IACE,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM;YAC5B,IAAI,CAAC,OAAO,KAAK,KAAK,CAAC,OAAO;YAC9B,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,EAC5B,CAAC;YACD,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QACtB,CAAC;QAED,yDAAyD;QACzD,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,IAAI,CAAC,CAAA;QACf,CAAC;QACD,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,KAAK,CAAC,CAAA;QAChB,CAAC;QAED,mCAAmC;QACnC,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,IAAI,EAAE,CAAA;QACpC,MAAM,MAAM,GAAG,KAAK,CAAC,UAAU,IAAI,EAAE,CAAA;QACrC,MAAM,WAAW,GAAG,eAAe,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;QACnD,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;YACzB,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QACtB,CAAC;QAED,qEAAqE;QACrE,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAA;QAClC,MAAM,eAAe,GAAG,IAAI,CAAC,WAAW,CAAA;QACxC,MAAM,aAAa,GAAG,KAAK,CAAC,QAAQ,CAAA;QACpC,MAAM,gBAAgB,GAAG,KAAK,CAAC,WAAW,CAAA;QAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAA;QACvB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAA;QACxB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAA;QACvB,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAA;QAE3E,uBAAuB;QACvB,IAAI,YAAY,KAAK,SAAS,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;YAC9D,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,YAAY,EAAE,GAAG,aAAa,CAAC,CAAC,CAAC,CAAA;YACtE,OAAO,CAAC,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC,CAAA;QACjE,CAAC;QACD,0BAA0B;QAC1B,IAAI,eAAe,KAAK,SAAS,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACpE,0CAA0C;YAC1C,MAAM,YAAY,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAA;YAChF,OAAO,CAAC,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,YAAY,EAAE,KAAK,CAAC,CAAC,CAAA;QACxE,CAAC;QACD,0CAA0C;QAC1C,IAAI,YAAY,KAAK,SAAS,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACjE,OAAO;gBACL,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,YAAY,EAAE,SAAS,EAAE,KAAK,CAAC;gBAC7D,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,gBAAgB,EAAE,KAAK,CAAC;aAClE,CAAA;QACH,CAAC;QACD,IAAI,aAAa,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YACjE,OAAO;gBACL,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,aAAa,EAAE,SAAS,EAAE,KAAK,CAAC;gBAC9D,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,eAAe,EAAE,KAAK,CAAC;aACjE,CAAA;QACH,CAAC;QAED,wCAAwC;QACxC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;IACtB,CAAC;IAED;;;;OAIG;IACI,YAAY,CAAC,KAAiB;QACnC,4CAA4C;QAC5C,IACE,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM;YAC5B,IAAI,CAAC,OAAO,KAAK,KAAK,CAAC,OAAO;YAC9B,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,EAC5B,CAAC;YACD,wDAAwD;YACxD,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,IAAI,IAAI,CAAC,QAAQ,IAAI,SAAS,IAAI,KAAK,CAAC,QAAQ,IAAI,SAAS,EAAE,CAAC;YAC9D,oFAAoF;YACpF,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzB,OAAO,KAAK,CAAA;YACd,CAAC;YACD,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBACzB,OAAO,IAAI,CAAA;YACb,CAAC;QACH,CAAC;QAED,2CAA2C;QAC3C,MAAM,CAAC,GAAG,sBAAsB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC,CAAA;QACvD,MAAM,CAAC,GAAG,sBAAsB,CAAC,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC,CAAA;QACxD,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;QAC1E,MAAM,gBAAgB,GAAyB,EAAE,CAAA;QAEjD,KAAK,MAAM,EAAE,IAAI,MAAM,EAAE,CAAC;YACxB,MAAM,KAAK,GAAG,CAAC,CAAC,EAAE,CAAC,IAAI,EAAE,CAAA;YACzB,MAAM,KAAK,GAAG,CAAC,CAAC,EAAE,CAAC,IAAI,EAAE,CAAA;YACzB,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;YACnF,gBAAgB,CAAC,EAAE,CAAC,GAAG,EAAE,CAAA;YAEzB,KAAK,MAAM,GAAG,IAAI,OAAO,EAAE,CAAC;gBAC1B,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,CAAA;gBAC9B,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE,CAAA;gBAE9B,iEAAiE;gBACjE,IAAI,GAAG,IAAI,KAAK,IAAI,GAAG,IAAI,KAAK,EAAE,CAAC;oBACjC,QAAQ,qBAAqB,CAAC,EAAE,CAAC,EAAE,CAAC;wBAClC,KAAK,cAAc,CAAC;wBACpB,KAAK,YAAY,CAAC;wBAClB,KAAK,WAAW,CAAC;wBACjB,KAAK,SAAS,CAAC,CAAC,CAAC;4BACf,+BAA+B;4BAC/B,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAA;4BACrD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gCACxB,OAAO,SAAS,CAAA;4BAClB,CAAC;4BACD,gBAAgB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAA;4BAClC,MAAK;wBACP,CAAC;wBACD,KAAK,iBAAiB,CAAC;wBACvB,KAAK,eAAe,CAAC;wBACrB,KAAK,cAAc,CAAC;wBACpB,KAAK,YAAY,CAAC,CAAC,CAAC;4BAClB,sBAAsB;4BACtB,gBAAgB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,KAAK,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;4BACrE,MAAK;wBACP,CAAC;wBACD,KAAK,iBAAiB,CAAC;wBACvB,KAAK,uBAAuB,CAAC,CAAC,CAAC;4BAC7B,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;4BAC7B,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;4BAC7B,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gCAC/B,OAAO,SAAS,CAAA;4BAClB,CAAC;4BACD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;4BACrC,gBAAgB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAA;4BAC9C,MAAK;wBACP,CAAC;wBACD,KAAK,oBAAoB,CAAC;wBAC1B,KAAK,0BAA0B,CAAC,CAAC,CAAC;4BAChC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;4BAC5B,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;4BAC5B,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;gCAC7B,OAAO,SAAS,CAAA;4BAClB,CAAC;4BACD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAA;4BACnC,gBAAgB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAA;4BAC9C,MAAK;wBACP,CAAC;wBACD,KAAK,MAAM,CAAC,CAAC,CAAC;4BACZ,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gCAC1B,OAAO,SAAS,CAAA;4BAClB,CAAC;4BACD,gBAAgB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;4BACtC,MAAK;wBACP,CAAC;wBACD,KAAK,WAAW,CAAC;wBACjB,KAAK,cAAc,CAAC,CAAC,CAAC;4BACpB,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAA;4BAC3D,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gCACxB,OAAO,SAAS,CAAA;4BAClB,CAAC;4BACD,gBAAgB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAA;4BAClC,MAAK;wBACP,CAAC;wBACD,KAAK,cAAc,CAAC;wBACpB,KAAK,oBAAoB,CAAC,CAAC,CAAC;4BAC1B,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;4BACnB,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;4BACnB,gBAAgB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;4BAC/C,MAAK;wBACP,CAAC;wBACD,KAAK,iBAAiB,CAAC;wBACvB,KAAK,uBAAuB,CAAC,CAAC,CAAC;4BAC7B,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;4BACpB,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;4BACpB,gBAAgB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;4BACnD,MAAK;wBACP,CAAC;wBACD;4BACE,OAAO,SAAS,CAAA;oBACpB,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,yCAAyC;oBACzC,gBAAgB,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,GAAG,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;gBAClF,CAAC;YACH,CAAC;QACH,CAAC;QAED,mCAAmC;QACnC,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAA;QAClC,MAAM,eAAe,GAAG,IAAI,CAAC,WAAW,CAAA;QACxC,MAAM,aAAa,GAAG,KAAK,CAAC,QAAQ,CAAA;QACpC,MAAM,gBAAgB,GAAG,KAAK,CAAC,WAAW,CAAA;QAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAA;QACvB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAA;QACxB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAA;QACvB,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,SAAS,CAAA;QAErF,6CAA6C;QAC7C,IAAI,YAAY,KAAK,SAAS,IAAI,aAAa,KAAK,SAAS,EAAE,CAAC;YAC9D,oFAAoF;YACpF,MAAM,KAAK,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CACvC,aAAa,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CACzD,CAAA;YACD,MAAM,KAAK,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CACxC,YAAY,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CACxD,CAAA;YACD,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,KAAK,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;YAC5D,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC5B,OAAO,SAAS,CAAA;YAClB,CAAC;YACD,OAAO,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,UAAU,EAAE,SAAS,EAAE,KAAK,CAAC,CAAA;QACpE,CAAC;QAED,kGAAkG;QAClG,IAAI,eAAe,KAAK,SAAS,IAAI,gBAAgB,KAAK,SAAS,EAAE,CAAC;YACpE,wCAAwC;YACxC,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,eAAe,EAAE,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAA;YAC/E,gEAAgE;YAChE,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAC9B,CAAC,GAAG,EAAE,EAAE,CACN,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,KAAK,GAAG,IAAI,eAAe,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CACxF,CAAA;YACD,OAAO,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAA;QAClE,CAAC;QAED,0CAA0C;QAE1C,MAAM,QAAQ,GAAG,YAAY,IAAI,aAAa,CAAA;QAC9C,MAAM,WAAW,GAAG,eAAe,IAAI,gBAAgB,CAAA;QACvD,IAAI,QAAQ,KAAK,SAAS,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;YACxD,MAAM,QAAQ,GAAG,QAAS,CAAC,MAAM,CAC/B,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,WAAY,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CACjE,CAAA;YACD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC1B,OAAO,SAAS,CAAA;YAClB,CAAC;YACD,OAAO,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC,CAAA;QAClE,CAAC;QAED,2BAA2B;QAC3B,OAAO,SAAS,CAAA;IAClB,CAAC;IAED;;;OAGG;IACI,QAAQ,CAAC,KAAiB;QAC/B,4DAA4D;QAC5D,IACE,IAAI,CAAC,MAAM,KAAK,OAAO;YACvB,KAAK,CAAC,MAAM,KAAK,MAAM;YACvB,IAAI,CAAC,OAAO,KAAK,KAAK,CAAC,OAAO;YAC9B,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,EAC5B,CAAC;YACD,yBAAyB;YACzB,OAAO,CAAC,IAAI,CAAC,CAAA;QACf,CAAC;QAED,mFAAmF;QACnF,MAAM,cAAc,GAAG,sBAAsB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC,CAAA;QACpE,MAAM,aAAa,GAAG,sBAAsB,CAAC,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC,CAAA;QACpE,IAAI,IAAI,CAAC,SAAS,CAAC,cAAc,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,EAAE,CAAC;YACrE,yEAAyE;YACzE,IAAI,IAAI,CAAC,QAAQ,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBACpC,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,QAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBACxF,OAAO,EAAE,CAAA;gBACX,CAAC;YACH,CAAC;YACD,yFAAyF;YACzF,IAAI,IAAI,CAAC,WAAW,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC;gBAC1C,uFAAuF;gBACvF,IAAI,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,WAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBAClE,OAAO,EAAE,CAAA;gBACX,CAAC;YACH,CAAC;QACH,CAAC;QACD,4BAA4B;QAC5B,MAAM,QAAQ,GAAG,gBAAgB,CAAC,KAAK,CAAC,UAAU,IAAI,EAAE,CAAC,CAAA;QAEzD,sDAAsD;QACtD,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC,CAAA;QAChE,MAAM,WAAW,GAAG,4BAA4B,CAC9C,eAAe,CAAC,UAAU,EAAE,QAAQ,CAAC,IAAI;YACvC,GAAG,UAAU;YACb,GAAG,QAAQ;SACZ,CACF,CAAA;QAED,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAA;QACnC,MAAM,gBAAgB,GAAG,IAAI,CAAC,WAAW,CAAA;QACzC,MAAM,YAAY,GAAG,KAAK,CAAC,QAAQ,CAAA;QACnC,MAAM,eAAe,GAAG,KAAK,CAAC,WAAW,CAAA;QAEzC,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAA;QACvB,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAA;QACxB,MAAM,GAAG,GAAG,IAAI,CAAC,MAAM,CAAA;QACvB,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAA;QAEvE,uCAAuC;QACvC,IAAI,aAAa,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;YAC9D,yDAAyD;YACzD,IAAI,CAAC,KAAK,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACpE,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CACpC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAC7D,CAAA;gBAED,uEAAuE;gBACvE,MAAM,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAC5C,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CACtD,CAAA;gBACD,IAAI,YAAY,IAAI,SAAS,CAAC,MAAM,KAAK,aAAa,CAAC,MAAM,EAAE,CAAC;oBAC9D,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;gBACtB,CAAC;gBAED,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;oBAAE,OAAO,EAAE,CAAA;gBACrC,OAAO,CAAC,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC,CAAA;YACrE,CAAC;YACD,yFAAyF;YACzF,OAAO,CAAC,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,aAAa,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC,CAAA;QACzE,CAAC;QAED,kEAAkE;QAClE,IAAI,aAAa,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YACjE,kFAAkF;YAClF,IAAI,KAAK,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACjE,OAAO,CAAC,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,aAAa,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC,CAAA;YACzE,CAAC;YACD,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAC3C,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAC5D,CAAA;YACD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,EAAE,CAAA;YACrC,OAAO,CAAC,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,SAAS,EAAE,KAAK,CAAC,CAAC,CAAA;QACrE,CAAC;QAED,0CAA0C;QAC1C,IAAI,gBAAgB,KAAK,SAAS,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;YACjE,2EAA2E;YAC3E,IAAI,KAAK,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACjE,OAAO,CAAC,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,gBAAgB,EAAE,KAAK,CAAC,CAAC,CAAA;YAC5E,CAAC;YAED,uEAAuE;YACvE,MAAM,WAAW,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,EAAE,CAC5C,gBAAgB,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAC9D,CAAA;YACD,IAAI,WAAW,EAAE,CAAC;gBAChB,6CAA6C;gBAC7C,OAAO,CAAC,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,gBAAgB,EAAE,KAAK,CAAC,CAAC,CAAA;YAC5E,CAAC;YAED,iCAAiC;YACjC,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,gBAAgB,EAAE,GAAG,YAAY,CAAC,CAAC,CAAC,CAAA;YAC1E,OAAO,CAAC,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAA;QAClE,CAAC;QAED,oEAAoE;QACpE,IAAI,gBAAgB,KAAK,SAAS,IAAI,eAAe,KAAK,SAAS,EAAE,CAAC;YACpE,kFAAkF;YAClF,IAAI,KAAK,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACjE,OAAO,CAAC,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,gBAAgB,EAAE,KAAK,CAAC,CAAC,CAAA;YAC5E,CAAC;YACD,MAAM,YAAY,GAAG,gBAAgB,CAAC,MAAM,CAC1C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CACpE,CAAA;YACD,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,EAAE,CAAA;YACxC,OAAO,CAAC,IAAI,UAAU,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS,EAAE,YAAY,EAAE,KAAK,CAAC,CAAC,CAAA;QACxE,CAAC;QAED,2BAA2B;QAC3B,MAAM,IAAI,KAAK,CAAC,8DAA8D,CAAC,CAAA;IACjF,CAAC;CACF;AAED;;;GAGG;AACH,SAAS,eAAe,CACtB,CAA2C,EAC3C,CAA2C;IAE3C,8EAA8E;IAC9E,CAAC,GAAG,sBAAsB,CAAC,CAAC,CAAC,CAAA;IAC7B,CAAC,GAAG,sBAAsB,CAAC,CAAC,CAAC,CAAA;IAC7B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;IAClC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;IAClC,IAAI,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;QAClD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,MAAM,MAAM,GAAyB,EAAE,CAAA;IAEvC,gDAAgD;IAChD,KAAK,MAAM,EAAE,IAAI,IAAI,EAAE,CAAC;QACtB,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;QACvC,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;QACvC,sFAAsF;QACtF,IAAI,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,EAAE,CAAC;YACpD,OAAO,IAAI,CAAA;QACb,CAAC;QAED,qFAAqF;QACrF,MAAM,CAAC,EAAE,CAAC,GAAG,EAAE,CAAA;QACf,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;YACxB,MAAM,KAAK,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAA;YACxB,MAAM,KAAK,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAA;YAExB,gDAAgD;YAChD,QAAQ,qBAAqB,CAAC,EAAE,CAAC,EAAE,CAAC;gBAClC,KAAK,cAAc,CAAC;gBACpB,KAAK,YAAY,CAAC;gBAClB,KAAK,iBAAiB,CAAC;gBACvB,KAAK,eAAe,CAAC;gBACrB,KAAK,WAAW,CAAC;gBACjB,KAAK,SAAS,CAAC;gBACf,KAAK,cAAc,CAAC;gBACpB,KAAK,YAAY;oBACf,sDAAsD;oBACtD,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,KAAK,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;oBAC3D,MAAK;gBAEP,KAAK,iBAAiB,CAAC;gBACvB,KAAK,uBAAuB,CAAC;gBAC7B,KAAK,oBAAoB,CAAC;gBAC1B,KAAK,0BAA0B,CAAC;gBAChC,KAAK,eAAe,CAAC;gBACrB,KAAK,kBAAkB;oBACrB,8EAA8E;oBAC9E,0EAA0E;oBAC1E,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAA;oBACzC,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAA;oBACzC,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;wBAC3C,gCAAgC;wBAChC,OAAO,IAAI,CAAA;oBACb,CAAC;oBACD,IAAI,EAAE,KAAK,iBAAiB,IAAI,EAAE,KAAK,uBAAuB,EAAE,CAAC;wBAC/D,+BAA+B;wBAC/B,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,EAAE,GAAG,KAAK,CAAC,CAAA;wBAC9C,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAA;oBACvC,CAAC;yBAAM,IAAI,EAAE,KAAK,oBAAoB,IAAI,EAAE,KAAK,0BAA0B,EAAE,CAAC;wBAC5E,gCAAgC;wBAChC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,EAAE,GAAG,KAAK,CAAC,CAAA;wBAC9C,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAA;oBACvC,CAAC;yBAAM,IAAI,EAAE,KAAK,eAAe,IAAI,EAAE,KAAK,kBAAkB,EAAE,CAAC;wBAC/D,gDAAgD;wBAChD,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,GAAG,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAA;oBACrF,CAAC;oBACD,MAAK;gBAEP,KAAK,cAAc,CAAC;gBACpB,KAAK,oBAAoB,CAAC;gBAC1B,KAAK,iBAAiB,CAAC;gBACvB,KAAK,uBAAuB;oBAC1B,+CAA+C;oBAC/C,+CAA+C;oBAC/C,IAAI,EAAE,KAAK,cAAc,IAAI,EAAE,KAAK,oBAAoB,EAAE,CAAC;wBACzD,uEAAuE;wBACvE,MAAM,SAAS,GAAG,CAAC,GAAG,KAAK,EAAE,GAAG,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAA;wBAC1D,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAA;oBAC/B,CAAC;yBAAM,CAAC;wBACN,oEAAoE;wBACpE,MAAM,SAAS,GAAG,CAAC,GAAG,KAAK,EAAE,GAAG,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;wBAChD,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,SAAS,CAAC,CAAA;oBAC/B,CAAC;oBACD,MAAK;gBAEP,KAAK,MAAM;oBACT,uDAAuD;oBACvD,qEAAqE;oBACrE,sFAAsF;oBACtF,6EAA6E;oBAC7E,gFAAgF;oBAChF,2BAA2B;oBAC3B,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;wBAC1B,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;oBAC9B,CAAC;yBAAM,CAAC;wBACN,OAAO,IAAI,CAAA;oBACb,CAAC;oBACD,MAAK;gBAEP,KAAK,WAAW,CAAC;gBACjB,KAAK,cAAc;oBACjB,6EAA6E;oBAC7E,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,KAAK,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;oBAC3D,MAAK;gBAEP,oFAAoF;gBACpF;oBACE,6DAA6D;oBAC7D,OAAO,IAAI,CAAA;YACf,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;;;;GAKG;AACH,SAAS,UAAU,CAAC,EAAU;IAC5B,6CAA6C;IAC7C,OAAO,EAAE,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAA;AAC9C,CAAC;AAED;;;;;GAKG;AACH,SAAS,oBAAoB,CAAC,EAAU;IACtC,OAAO,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,SAAS,CAAA;AACtE,CAAC;AAED;;;;;;GAMG;AACH,SAAS,qBAAqB,CAAC,EAAU;IACvC,4DAA4D;IAC5D,OAAO,EAAE;SACN,KAAK,CAAC,GAAG,CAAC;SACV,EAAE,CAAC,CAAC,CAAC,CAAE;SACP,WAAW,EAAE;SACb,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAA;AAC7B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,KAA2B;IAChE,MAAM,MAAM,GAAyB,EAAE,CAAA;IACvC,KAAK,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACjD,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,EAAE,CAAA;QAChC,MAAM,CAAC,OAAO,CAAC,GAAG,EAAE,CAAA;QACpB,KAAK,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YAC1D,MAAM,eAAe,GAAG,UAAU,CAAC,WAAW,EAAE,CAAA;YAChD,MAAM,CAAC,OAAO,CAAC,CAAC,eAAe,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QACvD,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,MAAM,iBAAiB,GAA2B;IAChD,YAAY,EAAE,iBAAiB;IAC/B,UAAU,EAAE,eAAe;IAC3B,SAAS,EAAE,cAAc;IACzB,OAAO,EAAE,YAAY;IACrB,eAAe,EAAE,cAAc;IAC/B,aAAa,EAAE,YAAY;IAC3B,YAAY,EAAE,WAAW;IACzB,UAAU,EAAE,SAAS;IACrB,eAAe,EAAE,0BAA0B;IAC3C,qBAAqB,EAAE,oBAAoB;IAC3C,kBAAkB,EAAE,uBAAuB;IAC3C,wBAAwB,EAAE,iBAAiB;IAC3C,aAAa,EAAE,kBAAkB;IACjC,gBAAgB,EAAE,eAAe;IACjC,YAAY,EAAE,uBAAuB;IACrC,kBAAkB,EAAE,iBAAiB;IACrC,eAAe,EAAE,oBAAoB;IACrC,qBAAqB,EAAE,cAAc;IACrC,IAAI,EAAE,MAAM;IACZ,SAAS,EAAE,cAAc;IACzB,YAAY,EAAE,WAAW;CAC1B,CAAA;AAED,MAAM,sBAAsB,GAA2B;IACrD,YAAY,EAAE,aAAa;IAC3B,WAAW,EAAE,cAAc;CAC5B,CAAA;AAED;;;;;;GAMG;AACH,MAAM,UAAU,gBAAgB,CAC9B,KAA+C;IAE/C,MAAM,UAAU,GAAG,sBAAsB,CAAC,KAAK,CAAC,CAAA;IAChD,MAAM,QAAQ,GAA6C,EAAE,CAAA;IAC7D,KAAK,MAAM,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QACtD,MAAM,WAAW,GAAG,oBAAoB,CAAC,EAAE,CAAC,IAAI,SAAS,CAAA;QACzD,MAAM,iBAAiB,GAAG,WAAW,CAAC,CAAC,CAAC,sBAAsB,CAAC,WAAW,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAA;QACtF,MAAM,WAAW,GAAG,UAAU,CAAC,EAAE,CAAC,CAAA;QAClC,MAAM,MAAM,GAAG,qBAAqB,CAAC,EAAE,CAAC,CAAA;QACxC,MAAM,YAAY,GAAG,iBAAiB,CAAC,MAAM,CAAC,IAAI,MAAM,CAAA;QACxD,MAAM,UAAU,GACd,GAAG,iBAAiB,GAAG,YAAY,GAAG,WAAW,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,EAAE,CAAA;QACrF,QAAQ,CAAC,UAAU,CAAC,GAAG,EAAE,CAAA;QACzB,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YACjD,IAAI,MAAM,KAAK,MAAM,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC3C,QAAQ,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAA;YAC9F,CAAC;iBAAM,CAAC;gBACN,QAAQ,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAC9C,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED,SAAS,4BAA4B,CAAC,CAAuB;IAC3D,MAAM,UAAU,GAA2B;QACzC,YAAY,EAAE,iBAAiB;QAC/B,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,cAAc;QACzB,OAAO,EAAE,YAAY;QACrB,aAAa,EAAE,kBAAkB;QACjC,gBAAgB,EAAE,eAAe;QACjC,eAAe,EAAE,0BAA0B;QAC3C,wBAAwB,EAAE,iBAAiB;QAC3C,qBAAqB,EAAE,oBAAoB;QAC3C,kBAAkB,EAAE,uBAAuB;QAC3C,YAAY,EAAE,uBAAuB;QACrC,qBAAqB,EAAE,cAAc;QACrC,kBAAkB,EAAE,iBAAiB;QACrC,eAAe,EAAE,oBAAoB;QACrC,SAAS,EAAE,cAAc;QACzB,YAAY,EAAE,WAAW;QACzB,IAAI,EAAE,MAAM;KACb,CAAA;IACD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAyB,CAAA;IACjE,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QACtD,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;gBACzC,IAAI,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBACrB,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAA;oBAC1E,OAAO,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAA;gBACvB,CAAC;YACH,CAAC;YACD,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,GAAG,CAAC,IAAI,CAAC,CAAA;QACxE,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAA;AACZ,CAAC"}
|
|
@@ -0,0 +1,59 @@
|
|
|
1
|
+
import { Policy } from '@cloud-copilot/iam-policy';
|
|
2
|
+
import { Permission, PermissionEffect } from './permission.js';
|
|
3
|
+
/**
|
|
4
|
+
* A permission set will be a collection of permissions for a specific effect (Allow or Deny).
|
|
5
|
+
* So this will be used to represent things like "all the allowed permissions in a set of SCPs"
|
|
6
|
+
* and "all the deny's that apply to a principal"
|
|
7
|
+
*/
|
|
8
|
+
export declare class PermissionSet {
|
|
9
|
+
readonly effect: PermissionEffect;
|
|
10
|
+
private permissions;
|
|
11
|
+
constructor(effect: PermissionEffect);
|
|
12
|
+
addPermission(newPermission: Permission): void;
|
|
13
|
+
getPermissions(service: string, action: string): Permission[];
|
|
14
|
+
hasService(service: string): boolean;
|
|
15
|
+
hasAction(service: string, action: string): boolean;
|
|
16
|
+
getAllPermissions(): Permission[];
|
|
17
|
+
/**
|
|
18
|
+
* Return a new PermissionSet containing the intersection of this set and another.
|
|
19
|
+
* Only permissions that overlap (same effect, service, action, and intersecting resources/conditions)
|
|
20
|
+
* will be included.
|
|
21
|
+
*/
|
|
22
|
+
intersection(other: PermissionSet): PermissionSet;
|
|
23
|
+
subtract(deny: PermissionSet): {
|
|
24
|
+
allow: PermissionSet;
|
|
25
|
+
deny: PermissionSet;
|
|
26
|
+
};
|
|
27
|
+
/**
|
|
28
|
+
* Deep clones the PermissionSet.
|
|
29
|
+
*
|
|
30
|
+
* @returns a new PermissionSet instance with the same permissions.
|
|
31
|
+
*/
|
|
32
|
+
clone(): PermissionSet;
|
|
33
|
+
}
|
|
34
|
+
/**
|
|
35
|
+
* Given an array of IAM Policy objects, extract every "Allow" statement
|
|
36
|
+
* and load it into a PermissionSet. Each AWS action is split into its
|
|
37
|
+
* service ("s3", "ec2", etc.) and the individual action name ("GetObject", "StartInstances", etc.).
|
|
38
|
+
*
|
|
39
|
+
* Assumptions:
|
|
40
|
+
* 1. The Policy type comes from `@cloud-copilot/iam-policy`. Each Policy has a `.statements` array.
|
|
41
|
+
* 2. Each Statement has at least these fields (per AWS IAM JSON):
|
|
42
|
+
* - Effect: "Allow" | "Deny"
|
|
43
|
+
* - Action: string | string[]
|
|
44
|
+
* - Resource?: string | string[]
|
|
45
|
+
* - NotResource?: string | string[]
|
|
46
|
+
* - Condition?: Record<string, Record<string, string | string[]>>
|
|
47
|
+
*
|
|
48
|
+
* 3. We ignore any statements whose Effect ≠ "Allow".
|
|
49
|
+
* 4. We do not expand wildcards here—if a statement’s Action is "s3:*",
|
|
50
|
+
* we leave it as the pattern "s3:*". (If you want to expand all wildcards,
|
|
51
|
+
* run these policies through iam-expand first, then call this function.)
|
|
52
|
+
*
|
|
53
|
+
* Returns a PermissionSet containing one Permission object for each (service, action, resource, notResource, condition)
|
|
54
|
+
* triple where Effect == "Allow".
|
|
55
|
+
*/
|
|
56
|
+
export declare function buildPermissionSetFromPolicies(effect: PermissionEffect, policies: Policy[]): Promise<PermissionSet>;
|
|
57
|
+
export declare function addPoliciesToPermissionSet(permissionSet: PermissionSet, effect: PermissionEffect, policies: Policy[]): Promise<void>;
|
|
58
|
+
export declare function toPolicyStatements(set: PermissionSet): any;
|
|
59
|
+
//# sourceMappingURL=permissionSet.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"permissionSet.d.ts","sourceRoot":"","sources":["../../../src/canWhat/permissionSet.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,2BAA2B,CAAA;AAClD,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAE9D;;;;GAIG;AACH,qBAAa,aAAa;aAGI,MAAM,EAAE,gBAAgB;IAFpD,OAAO,CAAC,WAAW,CAAmD;gBAE1C,MAAM,EAAE,gBAAgB;IAE7C,aAAa,CAAC,aAAa,EAAE,UAAU,GAAG,IAAI;IA0D9C,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,UAAU,EAAE;IAO7D,UAAU,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO;IAIpC,SAAS,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO;IAInD,iBAAiB,IAAI,UAAU,EAAE;IAUxC;;;;OAIG;IACI,YAAY,CAAC,KAAK,EAAE,aAAa,GAAG,aAAa;IA8BjD,QAAQ,CAAC,IAAI,EAAE,aAAa,GAAG;QAAE,KAAK,EAAE,aAAa,CAAC;QAAC,IAAI,EAAE,aAAa,CAAA;KAAE;IAmDnF;;;;OAIG;IACH,KAAK,IAAI,aAAa;CAUvB;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAsB,8BAA8B,CAClD,MAAM,EAAE,gBAAgB,EACxB,QAAQ,EAAE,MAAM,EAAE,GACjB,OAAO,CAAC,aAAa,CAAC,CAKxB;AAED,wBAAsB,0BAA0B,CAC9C,aAAa,EAAE,aAAa,EAC5B,MAAM,EAAE,gBAAgB,EACxB,QAAQ,EAAE,MAAM,EAAE,GACjB,OAAO,CAAC,IAAI,CAAC,CAsCf;AA8BD,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,aAAa,GAAG,GAAG,CA2B1D"}
|
|
@@ -0,0 +1,288 @@
|
|
|
1
|
+
import { expandIamActions, invertIamActions } from '@cloud-copilot/iam-expand';
|
|
2
|
+
import { Permission } from './permission.js';
|
|
3
|
+
/**
|
|
4
|
+
* A permission set will be a collection of permissions for a specific effect (Allow or Deny).
|
|
5
|
+
* So this will be used to represent things like "all the allowed permissions in a set of SCPs"
|
|
6
|
+
* and "all the deny's that apply to a principal"
|
|
7
|
+
*/
|
|
8
|
+
export class PermissionSet {
|
|
9
|
+
constructor(effect) {
|
|
10
|
+
this.effect = effect;
|
|
11
|
+
this.permissions = {};
|
|
12
|
+
}
|
|
13
|
+
addPermission(newPermission) {
|
|
14
|
+
if (newPermission.effect !== this.effect) {
|
|
15
|
+
throw new Error(`Permission effect ${newPermission.effect} does not match PermissionSet effect ${this.effect}`);
|
|
16
|
+
}
|
|
17
|
+
const service = newPermission.service;
|
|
18
|
+
const action = newPermission.action;
|
|
19
|
+
if (!this.permissions[service]) {
|
|
20
|
+
this.permissions[service] = {};
|
|
21
|
+
}
|
|
22
|
+
if (!this.permissions[service][action]) {
|
|
23
|
+
this.permissions[service][action] = [];
|
|
24
|
+
}
|
|
25
|
+
const existingPermissions = this.permissions[service][action];
|
|
26
|
+
if (existingPermissions.length === 0) {
|
|
27
|
+
existingPermissions.push(newPermission);
|
|
28
|
+
return;
|
|
29
|
+
}
|
|
30
|
+
let replacesExisting = false;
|
|
31
|
+
let mergedWithExisting = false;
|
|
32
|
+
let first = existingPermissions[0];
|
|
33
|
+
let rest = existingPermissions.slice(1);
|
|
34
|
+
const newPermissions = [];
|
|
35
|
+
while (first) {
|
|
36
|
+
const unionResult = first.union(newPermission);
|
|
37
|
+
if (unionResult.length === 1) {
|
|
38
|
+
const unionedPermission = unionResult[0];
|
|
39
|
+
if (unionedPermission == first) {
|
|
40
|
+
// The new permission is included in the existing permission, so we don't need to add it
|
|
41
|
+
return;
|
|
42
|
+
}
|
|
43
|
+
if (unionedPermission == newPermission) {
|
|
44
|
+
replacesExisting = true;
|
|
45
|
+
// The existing permission is included in the new permission, so we can replace it
|
|
46
|
+
}
|
|
47
|
+
else {
|
|
48
|
+
// The unioned permission is a net new permission, so we can add it
|
|
49
|
+
newPermissions.push(unionedPermission);
|
|
50
|
+
mergedWithExisting = true;
|
|
51
|
+
}
|
|
52
|
+
}
|
|
53
|
+
else {
|
|
54
|
+
newPermissions.push(first);
|
|
55
|
+
}
|
|
56
|
+
first = rest.shift();
|
|
57
|
+
}
|
|
58
|
+
if (replacesExisting && !mergedWithExisting) {
|
|
59
|
+
// If we didn't replace or merge with any existing permissions, just add the new permission
|
|
60
|
+
newPermissions.push(newPermission);
|
|
61
|
+
}
|
|
62
|
+
else if (!replacesExisting && !mergedWithExisting) {
|
|
63
|
+
// If we didn't replace or merge with any existing permissions, just add the new permission
|
|
64
|
+
newPermissions.push(newPermission);
|
|
65
|
+
}
|
|
66
|
+
this.permissions[service][action] = newPermissions;
|
|
67
|
+
}
|
|
68
|
+
getPermissions(service, action) {
|
|
69
|
+
if (!this.permissions[service] || !this.permissions[service][action]) {
|
|
70
|
+
return [];
|
|
71
|
+
}
|
|
72
|
+
return this.permissions[service][action];
|
|
73
|
+
}
|
|
74
|
+
hasService(service) {
|
|
75
|
+
return !!this.permissions[service];
|
|
76
|
+
}
|
|
77
|
+
hasAction(service, action) {
|
|
78
|
+
return !!(this.permissions[service] && this.permissions[service][action]);
|
|
79
|
+
}
|
|
80
|
+
getAllPermissions() {
|
|
81
|
+
const allPermissions = [];
|
|
82
|
+
for (const service in this.permissions) {
|
|
83
|
+
for (const action in this.permissions[service]) {
|
|
84
|
+
allPermissions.push(...this.permissions[service][action]);
|
|
85
|
+
}
|
|
86
|
+
}
|
|
87
|
+
return allPermissions;
|
|
88
|
+
}
|
|
89
|
+
/**
|
|
90
|
+
* Return a new PermissionSet containing the intersection of this set and another.
|
|
91
|
+
* Only permissions that overlap (same effect, service, action, and intersecting resources/conditions)
|
|
92
|
+
* will be included.
|
|
93
|
+
*/
|
|
94
|
+
intersection(other) {
|
|
95
|
+
if (this.effect !== other.effect) {
|
|
96
|
+
throw new Error('Cannot intersect PermissionSets with different effects');
|
|
97
|
+
}
|
|
98
|
+
const result = new PermissionSet(this.effect);
|
|
99
|
+
for (const service of Object.keys(this.permissions)) {
|
|
100
|
+
if (!other.hasService(service))
|
|
101
|
+
continue;
|
|
102
|
+
for (const action of Object.keys(this.permissions[service])) {
|
|
103
|
+
if (!other.hasAction(service, action))
|
|
104
|
+
continue;
|
|
105
|
+
const thisPermissions = this.getPermissions(service, action);
|
|
106
|
+
const otherPermissions = other.getPermissions(service, action);
|
|
107
|
+
for (const thisPermission of thisPermissions) {
|
|
108
|
+
for (const otherPermission of otherPermissions) {
|
|
109
|
+
const ix = thisPermission.intersection(otherPermission);
|
|
110
|
+
if (ix) {
|
|
111
|
+
result.addPermission(ix);
|
|
112
|
+
}
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
}
|
|
117
|
+
return result;
|
|
118
|
+
}
|
|
119
|
+
subtract(deny) {
|
|
120
|
+
if (this.effect !== 'Allow' || deny.effect !== 'Deny') {
|
|
121
|
+
throw new Error('Can only subtract a Deny PermissionSet from an Allow PermissionSet');
|
|
122
|
+
}
|
|
123
|
+
const allowSet = new PermissionSet('Allow');
|
|
124
|
+
const denySet = new PermissionSet('Deny');
|
|
125
|
+
for (const service of Object.keys(this.permissions)) {
|
|
126
|
+
if (!deny.hasService(service)) {
|
|
127
|
+
// allowSet.permissions[service] = this.permissions[service]
|
|
128
|
+
// If the other set doesn't have this service, we can keep all permissions
|
|
129
|
+
allowSet.permissions[service] = allowSet.permissions[service] || {};
|
|
130
|
+
for (const action of Object.keys(this.permissions[service])) {
|
|
131
|
+
allowSet.permissions[service][action] = [...this.getPermissions(service, action)];
|
|
132
|
+
}
|
|
133
|
+
continue;
|
|
134
|
+
}
|
|
135
|
+
for (const action of Object.keys(this.permissions[service])) {
|
|
136
|
+
if (!deny.hasAction(service, action)) {
|
|
137
|
+
if (!allowSet.permissions[service]) {
|
|
138
|
+
allowSet.permissions[service] = {};
|
|
139
|
+
}
|
|
140
|
+
// If the other set doesn't have this action, we can keep all permissions
|
|
141
|
+
// allowSet.permissions[service] = allowSet.permissions[service] || {}
|
|
142
|
+
allowSet.permissions[service][action] = [...this.getPermissions(service, action)];
|
|
143
|
+
continue;
|
|
144
|
+
}
|
|
145
|
+
const thisPermissions = this.getPermissions(service, action);
|
|
146
|
+
const denyPermissions = deny.getPermissions(service, action);
|
|
147
|
+
for (const thisPermission of thisPermissions) {
|
|
148
|
+
for (const denyPermission of denyPermissions) {
|
|
149
|
+
const difference = thisPermission.subtract(denyPermission);
|
|
150
|
+
for (const diff of difference) {
|
|
151
|
+
if (diff.effect === 'Allow') {
|
|
152
|
+
allowSet.addPermission(diff);
|
|
153
|
+
}
|
|
154
|
+
else {
|
|
155
|
+
denySet.addPermission(diff);
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
}
|
|
159
|
+
}
|
|
160
|
+
}
|
|
161
|
+
}
|
|
162
|
+
return { allow: allowSet, deny: denySet };
|
|
163
|
+
}
|
|
164
|
+
/**
|
|
165
|
+
* Deep clones the PermissionSet.
|
|
166
|
+
*
|
|
167
|
+
* @returns a new PermissionSet instance with the same permissions.
|
|
168
|
+
*/
|
|
169
|
+
clone() {
|
|
170
|
+
const clone = new PermissionSet(this.effect);
|
|
171
|
+
for (const service in this.permissions) {
|
|
172
|
+
clone.permissions[service] = {};
|
|
173
|
+
for (const action in this.permissions[service]) {
|
|
174
|
+
clone.permissions[service][action] = [...this.permissions[service][action]];
|
|
175
|
+
}
|
|
176
|
+
}
|
|
177
|
+
return clone;
|
|
178
|
+
}
|
|
179
|
+
}
|
|
180
|
+
/**
|
|
181
|
+
* Given an array of IAM Policy objects, extract every "Allow" statement
|
|
182
|
+
* and load it into a PermissionSet. Each AWS action is split into its
|
|
183
|
+
* service ("s3", "ec2", etc.) and the individual action name ("GetObject", "StartInstances", etc.).
|
|
184
|
+
*
|
|
185
|
+
* Assumptions:
|
|
186
|
+
* 1. The Policy type comes from `@cloud-copilot/iam-policy`. Each Policy has a `.statements` array.
|
|
187
|
+
* 2. Each Statement has at least these fields (per AWS IAM JSON):
|
|
188
|
+
* - Effect: "Allow" | "Deny"
|
|
189
|
+
* - Action: string | string[]
|
|
190
|
+
* - Resource?: string | string[]
|
|
191
|
+
* - NotResource?: string | string[]
|
|
192
|
+
* - Condition?: Record<string, Record<string, string | string[]>>
|
|
193
|
+
*
|
|
194
|
+
* 3. We ignore any statements whose Effect ≠ "Allow".
|
|
195
|
+
* 4. We do not expand wildcards here—if a statement’s Action is "s3:*",
|
|
196
|
+
* we leave it as the pattern "s3:*". (If you want to expand all wildcards,
|
|
197
|
+
* run these policies through iam-expand first, then call this function.)
|
|
198
|
+
*
|
|
199
|
+
* Returns a PermissionSet containing one Permission object for each (service, action, resource, notResource, condition)
|
|
200
|
+
* triple where Effect == "Allow".
|
|
201
|
+
*/
|
|
202
|
+
export async function buildPermissionSetFromPolicies(effect, policies) {
|
|
203
|
+
// We'll collect all "Allow" statements across all policies
|
|
204
|
+
const permissionSet = new PermissionSet(effect);
|
|
205
|
+
await addPoliciesToPermissionSet(permissionSet, effect, policies);
|
|
206
|
+
return permissionSet;
|
|
207
|
+
}
|
|
208
|
+
export async function addPoliciesToPermissionSet(permissionSet, effect, policies) {
|
|
209
|
+
for (const policy of policies) {
|
|
210
|
+
// Each Policy object has a `.statements` array of raw Statement JSON
|
|
211
|
+
for (const stmt of policy.statements()) {
|
|
212
|
+
if (effect === 'Allow' && !stmt.isAllow()) {
|
|
213
|
+
continue; // skip Deny or any other non-Allow effect
|
|
214
|
+
}
|
|
215
|
+
else if (effect === 'Deny' && stmt.isAllow()) {
|
|
216
|
+
continue; // skip Allow statements if we're building a Deny set
|
|
217
|
+
}
|
|
218
|
+
let statementActions;
|
|
219
|
+
if (stmt.isActionStatement()) {
|
|
220
|
+
const allActions = stmt.actions().map((a) => a.value());
|
|
221
|
+
statementActions = await expandIamActions(allActions, { expandAsterisk: true });
|
|
222
|
+
}
|
|
223
|
+
else if (stmt.isNotActionStatement()) {
|
|
224
|
+
statementActions = await invertIamActions(stmt.notActions().map((a) => a.value()));
|
|
225
|
+
}
|
|
226
|
+
else {
|
|
227
|
+
continue;
|
|
228
|
+
}
|
|
229
|
+
for (const fullAction of statementActions) {
|
|
230
|
+
const [service, actionName] = fullAction.split(':');
|
|
231
|
+
if (!service || !actionName)
|
|
232
|
+
continue;
|
|
233
|
+
let resource = undefined;
|
|
234
|
+
let notResource = undefined;
|
|
235
|
+
if (stmt.isResourceStatement()) {
|
|
236
|
+
resource = stmt.resources().map((r) => r.value());
|
|
237
|
+
}
|
|
238
|
+
else if (stmt.isNotResourceStatement()) {
|
|
239
|
+
notResource = stmt.notResources().map((r) => r.value());
|
|
240
|
+
}
|
|
241
|
+
permissionSet.addPermission(new Permission(effect, service, actionName, resource, notResource, stmt.conditionMap()));
|
|
242
|
+
}
|
|
243
|
+
}
|
|
244
|
+
}
|
|
245
|
+
}
|
|
246
|
+
function canonicalKey(p) {
|
|
247
|
+
// Sort resource arrays so ["B","A"] == ["A","B"]
|
|
248
|
+
const resources = p.resource?.slice().sort() ?? null;
|
|
249
|
+
const notResource = p.notResource?.slice().sort() ?? null;
|
|
250
|
+
// Canonicalize the condition map (lower-case keys already).
|
|
251
|
+
// We stringify with sorted keys so structurally-equal maps hash the same.
|
|
252
|
+
const canonicalCond = p.conditions
|
|
253
|
+
? JSON.stringify(Object.fromEntries(Object.entries(p.conditions)
|
|
254
|
+
.sort(([a], [b]) => a.localeCompare(b))
|
|
255
|
+
.map(([op, kv]) => [
|
|
256
|
+
op,
|
|
257
|
+
Object.fromEntries(Object.entries(kv)
|
|
258
|
+
.sort(([a], [b]) => a.localeCompare(b))
|
|
259
|
+
.map(([k, v]) => [k, [...v].sort()]))
|
|
260
|
+
])))
|
|
261
|
+
: null;
|
|
262
|
+
// Effect is fixed for the whole PermissionSet, so not needed in the key.
|
|
263
|
+
return JSON.stringify({ resources, notResource, canonicalCond });
|
|
264
|
+
}
|
|
265
|
+
export function toPolicyStatements(set) {
|
|
266
|
+
const buckets = new Map();
|
|
267
|
+
for (const perm of set.getAllPermissions()) {
|
|
268
|
+
const key = canonicalKey(perm);
|
|
269
|
+
const bucket = buckets.get(key) ?? {
|
|
270
|
+
res: perm.resource ? [...perm.resource] : undefined,
|
|
271
|
+
notRes: perm.notResource ? [...perm.notResource] : undefined,
|
|
272
|
+
cond: perm.conditions ? perm.conditions : undefined,
|
|
273
|
+
actions: []
|
|
274
|
+
};
|
|
275
|
+
bucket.actions.push(`${perm.service}:${perm.action}`);
|
|
276
|
+
buckets.set(key, bucket);
|
|
277
|
+
}
|
|
278
|
+
// De-duplicate and sort Actions inside each bucket
|
|
279
|
+
const statements = [...buckets.values()].map((b) => ({
|
|
280
|
+
Effect: set.effect,
|
|
281
|
+
Action: b.actions.length === 1 ? b.actions[0] : [...new Set(b.actions)].sort(),
|
|
282
|
+
Resource: b.res,
|
|
283
|
+
NotResource: b.notRes,
|
|
284
|
+
Condition: b.cond
|
|
285
|
+
}));
|
|
286
|
+
return statements;
|
|
287
|
+
}
|
|
288
|
+
//# sourceMappingURL=permissionSet.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"permissionSet.js","sourceRoot":"","sources":["../../../src/canWhat/permissionSet.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAA;AAE9E,OAAO,EAAE,UAAU,EAAoB,MAAM,iBAAiB,CAAA;AAE9D;;;;GAIG;AACH,MAAM,OAAO,aAAa;IAGxB,YAA4B,MAAwB;QAAxB,WAAM,GAAN,MAAM,CAAkB;QAF5C,gBAAW,GAAiD,EAAE,CAAA;IAEf,CAAC;IAEjD,aAAa,CAAC,aAAyB;QAC5C,IAAI,aAAa,CAAC,MAAM,KAAK,IAAI,CAAC,MAAM,EAAE,CAAC;YACzC,MAAM,IAAI,KAAK,CACb,qBAAqB,aAAa,CAAC,MAAM,wCAAwC,IAAI,CAAC,MAAM,EAAE,CAC/F,CAAA;QACH,CAAC;QAED,MAAM,OAAO,GAAG,aAAa,CAAC,OAAO,CAAA;QACrC,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,CAAA;QACnC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,EAAE,CAAA;QAChC,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC;YACvC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,GAAG,EAAE,CAAA;QACxC,CAAC;QACD,MAAM,mBAAmB,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAA;QAC7D,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACrC,mBAAmB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;YACvC,OAAM;QACR,CAAC;QAED,IAAI,gBAAgB,GAAG,KAAK,CAAA;QAC5B,IAAI,kBAAkB,GAAG,KAAK,CAAA;QAC9B,IAAI,KAAK,GAA2B,mBAAmB,CAAC,CAAC,CAAC,CAAA;QAC1D,IAAI,IAAI,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;QACvC,MAAM,cAAc,GAAiB,EAAE,CAAA;QACvC,OAAO,KAAK,EAAE,CAAC;YACb,MAAM,WAAW,GAAG,KAAK,CAAC,KAAK,CAAC,aAAa,CAAC,CAAA;YAC9C,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC7B,MAAM,iBAAiB,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;gBACxC,IAAI,iBAAiB,IAAI,KAAK,EAAE,CAAC;oBAC/B,wFAAwF;oBACxF,OAAM;gBACR,CAAC;gBACD,IAAI,iBAAiB,IAAI,aAAa,EAAE,CAAC;oBACvC,gBAAgB,GAAG,IAAI,CAAA;oBACvB,kFAAkF;gBACpF,CAAC;qBAAM,CAAC;oBACN,mEAAmE;oBACnE,cAAc,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAA;oBACtC,kBAAkB,GAAG,IAAI,CAAA;gBAC3B,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YAC5B,CAAC;YACD,KAAK,GAAG,IAAI,CAAC,KAAK,EAAE,CAAA;QACtB,CAAC;QAED,IAAI,gBAAgB,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC5C,2FAA2F;YAC3F,cAAc,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;QACpC,CAAC;aAAM,IAAI,CAAC,gBAAgB,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACpD,2FAA2F;YAC3F,cAAc,CAAC,IAAI,CAAC,aAAa,CAAC,CAAA;QACpC,CAAC;QACD,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,GAAG,cAAc,CAAA;IACpD,CAAC;IAEM,cAAc,CAAC,OAAe,EAAE,MAAc;QACnD,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC;YACrE,OAAO,EAAE,CAAA;QACX,CAAC;QACD,OAAO,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAA;IAC1C,CAAC;IAEM,UAAU,CAAC,OAAe;QAC/B,OAAO,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;IACpC,CAAC;IAEM,SAAS,CAAC,OAAe,EAAE,MAAc;QAC9C,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAA;IAC3E,CAAC;IAEM,iBAAiB;QACtB,MAAM,cAAc,GAAiB,EAAE,CAAA;QACvC,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACvC,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC/C,cAAc,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAA;YAC3D,CAAC;QACH,CAAC;QACD,OAAO,cAAc,CAAA;IACvB,CAAC;IAED;;;;OAIG;IACI,YAAY,CAAC,KAAoB;QACtC,IAAI,IAAI,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,EAAE,CAAC;YACjC,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAA;QAC3E,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAE7C,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YACpD,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC;gBAAE,SAAQ;YAExC,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;gBAC5D,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,CAAC;oBAAE,SAAQ;gBAE/C,MAAM,eAAe,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;gBAC5D,MAAM,gBAAgB,GAAG,KAAK,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;gBAE9D,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE,CAAC;oBAC7C,KAAK,MAAM,eAAe,IAAI,gBAAgB,EAAE,CAAC;wBAC/C,MAAM,EAAE,GAAG,cAAc,CAAC,YAAY,CAAC,eAAe,CAAC,CAAA;wBACvD,IAAI,EAAE,EAAE,CAAC;4BACP,MAAM,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;wBAC1B,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAA;IACf,CAAC;IAEM,QAAQ,CAAC,IAAmB;QACjC,IAAI,IAAI,CAAC,MAAM,KAAK,OAAO,IAAI,IAAI,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YACtD,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAA;QACvF,CAAC;QAED,MAAM,QAAQ,GAAG,IAAI,aAAa,CAAC,OAAO,CAAC,CAAA;QAC3C,MAAM,OAAO,GAAG,IAAI,aAAa,CAAC,MAAM,CAAC,CAAA;QAEzC,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YACpD,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC9B,4DAA4D;gBAC5D,0EAA0E;gBAC1E,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,EAAE,CAAA;gBACnE,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;oBAC5D,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAA;gBACnF,CAAC;gBACD,SAAQ;YACV,CAAC;YAED,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;gBAC5D,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE,CAAC;oBACrC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;wBACnC,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,EAAE,CAAA;oBACpC,CAAC;oBACD,yEAAyE;oBACzE,sEAAsE;oBACtE,QAAQ,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAA;oBACjF,SAAQ;gBACV,CAAC;gBAED,MAAM,eAAe,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;gBAC5D,MAAM,eAAe,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;gBAE5D,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE,CAAC;oBAC7C,KAAK,MAAM,cAAc,IAAI,eAAe,EAAE,CAAC;wBAC7C,MAAM,UAAU,GAAG,cAAc,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAA;wBAC1D,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;4BAC9B,IAAI,IAAI,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gCAC5B,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,CAAA;4BAC9B,CAAC;iCAAM,CAAC;gCACN,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAA;4BAC7B,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,OAAO,EAAE,CAAA;IAC3C,CAAC;IAED;;;;OAIG;IACH,KAAK;QACH,MAAM,KAAK,GAAG,IAAI,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;QAC5C,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACvC,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,EAAE,CAAA;YAC/B,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC/C,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAA;YAC7E,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;CACF;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,CAAC,KAAK,UAAU,8BAA8B,CAClD,MAAwB,EACxB,QAAkB;IAElB,2DAA2D;IAC3D,MAAM,aAAa,GAAG,IAAI,aAAa,CAAC,MAAM,CAAC,CAAA;IAC/C,MAAM,0BAA0B,CAAC,aAAa,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAA;IACjE,OAAO,aAAa,CAAA;AACtB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,aAA4B,EAC5B,MAAwB,EACxB,QAAkB;IAElB,KAAK,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;QAC9B,qEAAqE;QACrE,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;YACvC,IAAI,MAAM,KAAK,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;gBAC1C,SAAQ,CAAC,0CAA0C;YACrD,CAAC;iBAAM,IAAI,MAAM,KAAK,MAAM,IAAI,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;gBAC/C,SAAQ,CAAC,qDAAqD;YAChE,CAAC;YAED,IAAI,gBAA0B,CAAA;YAC9B,IAAI,IAAI,CAAC,iBAAiB,EAAE,EAAE,CAAC;gBAC7B,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAA;gBACvD,gBAAgB,GAAG,MAAM,gBAAgB,CAAC,UAAU,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,CAAA;YACjF,CAAC;iBAAM,IAAI,IAAI,CAAC,oBAAoB,EAAE,EAAE,CAAC;gBACvC,gBAAgB,GAAG,MAAM,gBAAgB,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;YACpF,CAAC;iBAAM,CAAC;gBACN,SAAQ;YACV,CAAC;YAED,KAAK,MAAM,UAAU,IAAI,gBAAgB,EAAE,CAAC;gBAC1C,MAAM,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;gBACnD,IAAI,CAAC,OAAO,IAAI,CAAC,UAAU;oBAAE,SAAQ;gBAErC,IAAI,QAAQ,GAAyB,SAAS,CAAA;gBAC9C,IAAI,WAAW,GAAyB,SAAS,CAAA;gBACjD,IAAI,IAAI,CAAC,mBAAmB,EAAE,EAAE,CAAC;oBAC/B,QAAQ,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAA;gBACnD,CAAC;qBAAM,IAAI,IAAI,CAAC,sBAAsB,EAAE,EAAE,CAAC;oBACzC,WAAW,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,CAAC,CAAA;gBACzD,CAAC;gBAED,aAAa,CAAC,aAAa,CACzB,IAAI,UAAU,CAAC,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,IAAI,CAAC,YAAY,EAAE,CAAC,CACxF,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,YAAY,CAAC,CAAa;IACjC,iDAAiD;IACjD,MAAM,SAAS,GAAG,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,CAAC,IAAI,EAAE,IAAI,IAAI,CAAA;IACpD,MAAM,WAAW,GAAG,CAAC,CAAC,WAAW,EAAE,KAAK,EAAE,CAAC,IAAI,EAAE,IAAI,IAAI,CAAA;IAEzD,4DAA4D;IAC5D,0EAA0E;IAC1E,MAAM,aAAa,GAAG,CAAC,CAAC,UAAU;QAChC,CAAC,CAAC,IAAI,CAAC,SAAS,CACZ,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC;aACzB,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;aACtC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC;YACjB,EAAE;YACF,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;iBACf,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC;iBACtC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CACvC;SACF,CAAC,CACL,CACF;QACH,CAAC,CAAC,IAAI,CAAA;IAER,yEAAyE;IACzE,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,WAAW,EAAE,aAAa,EAAE,CAAC,CAAA;AAClE,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,GAAkB;IACnD,MAAM,OAAO,GAAG,IAAI,GAAG,EAGpB,CAAA;IAEH,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,iBAAiB,EAAE,EAAE,CAAC;QAC3C,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,CAAA;QAC9B,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI;YACjC,GAAG,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,QAAS,CAAC,CAAC,CAAC,CAAC,SAAS;YACpD,MAAM,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,WAAY,CAAC,CAAC,CAAC,CAAC,SAAS;YAC7D,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;YACnD,OAAO,EAAE,EAAE;SACZ,CAAA;QACD,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,CAAA;QACrD,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAA;IAC1B,CAAC;IAED,mDAAmD;IACnD,MAAM,UAAU,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACnD,MAAM,EAAE,GAAG,CAAC,MAAM;QAClB,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE;QAC9E,QAAQ,EAAE,CAAC,CAAC,GAAG;QACf,WAAW,EAAE,CAAC,CAAC,MAAM;QACrB,SAAS,EAAE,CAAC,CAAC,IAAI;KAClB,CAAC,CAAC,CAAA;IACH,OAAO,UAAU,CAAA;AACnB,CAAC"}
|
package/dist/esm/cli.js
CHANGED
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
2
|
import { parseCliArguments } from '@cloud-copilot/cli';
|
|
3
|
+
import { canWhat } from './canWhat/canWhat.js';
|
|
3
4
|
import { getCollectClient, loadCollectConfigs } from './collect/collect.js';
|
|
4
5
|
import { resultMatchesExpectation, simulateRequest } from './simulate/simulate.js';
|
|
5
6
|
import { iamLensVersion } from './utils/packageVersion.js';
|
|
@@ -67,6 +68,21 @@ const main = async () => {
|
|
|
67
68
|
description: 'The action to check permissions for; must be a valid IAM service and action such as `s3:GetObject`'
|
|
68
69
|
}
|
|
69
70
|
}
|
|
71
|
+
},
|
|
72
|
+
'can-what': {
|
|
73
|
+
description: 'ALPHA: Find what actions a principal can perform',
|
|
74
|
+
options: {
|
|
75
|
+
principal: {
|
|
76
|
+
type: 'string',
|
|
77
|
+
values: 'single',
|
|
78
|
+
description: 'The principal to check permissions for. Can be a user or role'
|
|
79
|
+
},
|
|
80
|
+
shrinkActionLists: {
|
|
81
|
+
type: 'boolean',
|
|
82
|
+
character: 's',
|
|
83
|
+
description: 'Shrink action lists to reduce policy size'
|
|
84
|
+
}
|
|
85
|
+
}
|
|
70
86
|
}
|
|
71
87
|
}, {
|
|
72
88
|
collectConfigs: {
|
|
@@ -127,6 +143,18 @@ const main = async () => {
|
|
|
127
143
|
});
|
|
128
144
|
console.log(JSON.stringify(results, null, 2));
|
|
129
145
|
}
|
|
146
|
+
else if (cli.subcommand === 'can-what') {
|
|
147
|
+
const { principal, shrinkActionLists } = cli.args;
|
|
148
|
+
if (!principal) {
|
|
149
|
+
console.error('Error: Principal must be provided for can-what command');
|
|
150
|
+
process.exit(1);
|
|
151
|
+
}
|
|
152
|
+
const results = await canWhat(collectClient, {
|
|
153
|
+
principal: principal,
|
|
154
|
+
shrinkActionLists
|
|
155
|
+
});
|
|
156
|
+
console.log(JSON.stringify(results, null, 2));
|
|
157
|
+
}
|
|
130
158
|
};
|
|
131
159
|
main()
|
|
132
160
|
.catch((e) => {
|
package/dist/esm/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AACtD,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAA;AAE3E,OAAO,EAAE,wBAAwB,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAA;AAClF,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAC1D,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAE3C,MAAM,IAAI,GAAG,KAAK,IAAI,EAAE;IACtB,MAAM,OAAO,GAAG,MAAM,cAAc,EAAE,CAAA;IACtC,MAAM,GAAG,GAAG,iBAAiB,CAC3B,UAAU,EACV;QACE,QAAQ,EAAE;YACR,WAAW,EAAE,yBAAyB;YACtC,OAAO,EAAE;gBACP,SAAS,EAAE;oBACT,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EAAE,yEAAyE;iBACvF;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EACT,4EAA4E;iBAC/E;gBACD,eAAe,EAAE;oBACf,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EACT,iGAAiG;iBACpG;gBACD,MAAM,EAAE;oBACN,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EACT,wFAAwF;iBAC3F;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,UAAU;oBAClB,WAAW,EACT,oJAAoJ;iBACvJ;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,SAAS;oBACf,WAAW,EAAE,0CAA0C;oBACvD,SAAS,EAAE,GAAG;iBACf;gBACD,MAAM,EAAE;oBACN,IAAI,EAAE,MAAM;oBACZ,MAAM,EAAE,QAAQ;oBAChB,WAAW,EAAE,CAAC,SAAS,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,SAAS,CAAC;oBAC3E,WAAW,EACT,iIAAiI;iBACpI;aACF;SACF;QACD,SAAS,EAAE;YACT,WAAW,EAAE,8CAA8C;YAC3D,OAAO,EAAE;gBACP,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EACT,+EAA+E;iBAClF;gBACD,eAAe,EAAE;oBACf,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EACT,+HAA+H;iBAClI;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,UAAU;oBAClB,WAAW,EACT,oGAAoG;iBACvG;aACF;SACF;KACF,EACD;QACE,cAAc,EAAE;YACd,IAAI,EAAE,QAAQ;YACd,WAAW,EAAE,4CAA4C;YACzD,MAAM,EAAE,UAAU;SACnB;QACD,SAAS,EAAE;YACT,IAAI,EAAE,QAAQ;YACd,WAAW,EAAE,sEAAsE;YACnF,MAAM,EAAE,QAAQ;SACjB;KACF,EACD;QACE,SAAS,EAAE,UAAU;QACrB,gBAAgB,EAAE,IAAI;QACtB,iBAAiB,EAAE,IAAI;QACvB,OAAO;KACR,CACF,CAAA;IAED,IAAI,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAA;IACrD,CAAC;IACD,MAAM,YAAY,GAAG,GAAG,CAAC,IAAI,CAAC,SAAS,IAAI,KAAK,CAAA;IAChD,MAAM,cAAc,GAAG,MAAM,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IACxE,MAAM,aAAa,GAAG,gBAAgB,CAAC,cAAc,EAAE,YAAY,CAAC,CAAA;IAEpE,IAAI,GAAG,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;QAClC,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;QAC1E,MAAM,WAAW,GAAG,uBAAuB,CAAC,OAAO,CAAC,CAAA;QAEpD,MAAM,MAAM,GAAG,MAAM,eAAe,CAClC;YACE,SAAS,EAAE,SAAU;YACrB,WAAW,EAAE,QAAQ;YACrB,eAAe,EAAE,eAAe;YAChC,MAAM,EAAE,MAAO;YACf,iBAAiB,EAAE,WAAW;SAC/B,EACD,aAAa,CACd,CAAA;QAED,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YAClB,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAA;YACnC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,sBAAsB,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAA;QAC5D,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YACrB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;QAC9C,CAAC;QAED,IAAI,CAAC,wBAAwB,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAO,CAAC,EAAE,CAAC;YACzE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;IACH,CAAC;SAAM,IAAI,GAAG,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,EAAE,QAAQ,EAAE,eAAe,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;QACvD,IAAI,CAAC,eAAe,IAAI,CAAC,QAAQ,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,OAAO,CAAC,KAAK,CACX,qGAAqG,CACtG,CAAA;YACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,aAAa,EAAE;YAC1C,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,QAAS;YAC5B,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,OAAQ;YAC1B,eAAe,EAAE,GAAG,CAAC,IAAI,CAAC,eAAe;SAC1C,CAAC,CAAA;QAEF,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;IAC/C,CAAC;AACH,CAAC,CAAA;AAED,IAAI,EAAE;KACH,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IACX,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC,CAAC;KACD,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;KACd,OAAO,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;AAEpB;;;;;GAKG;AACH,SAAS,uBAAuB,CAAC,WAAqB;IACpD,MAAM,UAAU,GAAsC,EAAE,CAAA;IACxD,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;QAC9B,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACvC,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAC/B,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACtB,UAAU,CAAC,OAAO,CAAC,GAAG,MAAM,CAAA;YAC9B,CAAC;iBAAM,CAAC;gBACN,UAAU,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAA;YACjC,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,UAAU,CAAA;AACnB,CAAC"}
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAA;AACtD,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA;AAC9C,OAAO,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAA;AAE3E,OAAO,EAAE,wBAAwB,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAA;AAClF,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAA;AAC1D,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAA;AAE3C,MAAM,IAAI,GAAG,KAAK,IAAI,EAAE;IACtB,MAAM,OAAO,GAAG,MAAM,cAAc,EAAE,CAAA;IACtC,MAAM,GAAG,GAAG,iBAAiB,CAC3B,UAAU,EACV;QACE,QAAQ,EAAE;YACR,WAAW,EAAE,yBAAyB;YACtC,OAAO,EAAE;gBACP,SAAS,EAAE;oBACT,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EAAE,yEAAyE;iBACvF;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EACT,4EAA4E;iBAC/E;gBACD,eAAe,EAAE;oBACf,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EACT,iGAAiG;iBACpG;gBACD,MAAM,EAAE;oBACN,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EACT,wFAAwF;iBAC3F;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,UAAU;oBAClB,WAAW,EACT,oJAAoJ;iBACvJ;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,SAAS;oBACf,WAAW,EAAE,0CAA0C;oBACvD,SAAS,EAAE,GAAG;iBACf;gBACD,MAAM,EAAE;oBACN,IAAI,EAAE,MAAM;oBACZ,MAAM,EAAE,QAAQ;oBAChB,WAAW,EAAE,CAAC,SAAS,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,SAAS,CAAC;oBAC3E,WAAW,EACT,iIAAiI;iBACpI;aACF;SACF;QACD,SAAS,EAAE;YACT,WAAW,EAAE,8CAA8C;YAC3D,OAAO,EAAE;gBACP,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EACT,+EAA+E;iBAClF;gBACD,eAAe,EAAE;oBACf,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EACT,+HAA+H;iBAClI;gBACD,OAAO,EAAE;oBACP,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,UAAU;oBAClB,WAAW,EACT,oGAAoG;iBACvG;aACF;SACF;QACD,UAAU,EAAE;YACV,WAAW,EAAE,kDAAkD;YAC/D,OAAO,EAAE;gBACP,SAAS,EAAE;oBACT,IAAI,EAAE,QAAQ;oBACd,MAAM,EAAE,QAAQ;oBAChB,WAAW,EAAE,+DAA+D;iBAC7E;gBACD,iBAAiB,EAAE;oBACjB,IAAI,EAAE,SAAS;oBACf,SAAS,EAAE,GAAG;oBACd,WAAW,EAAE,2CAA2C;iBACzD;aACF;SACF;KACF,EACD;QACE,cAAc,EAAE;YACd,IAAI,EAAE,QAAQ;YACd,WAAW,EAAE,4CAA4C;YACzD,MAAM,EAAE,UAAU;SACnB;QACD,SAAS,EAAE;YACT,IAAI,EAAE,QAAQ;YACd,WAAW,EAAE,sEAAsE;YACnF,MAAM,EAAE,QAAQ;SACjB;KACF,EACD;QACE,SAAS,EAAE,UAAU;QACrB,gBAAgB,EAAE,IAAI;QACtB,iBAAiB,EAAE,IAAI;QACvB,OAAO;KACR,CACF,CAAA;IAED,IAAI,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAA;IACrD,CAAC;IACD,MAAM,YAAY,GAAG,GAAG,CAAC,IAAI,CAAC,SAAS,IAAI,KAAK,CAAA;IAChD,MAAM,cAAc,GAAG,MAAM,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IACxE,MAAM,aAAa,GAAG,gBAAgB,CAAC,cAAc,EAAE,YAAY,CAAC,CAAA;IAEpE,IAAI,GAAG,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;QAClC,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;QAC1E,MAAM,WAAW,GAAG,uBAAuB,CAAC,OAAO,CAAC,CAAA;QAEpD,MAAM,MAAM,GAAG,MAAM,eAAe,CAClC;YACE,SAAS,EAAE,SAAU;YACrB,WAAW,EAAE,QAAQ;YACrB,eAAe,EAAE,eAAe;YAChC,MAAM,EAAE,MAAO;YACf,iBAAiB,EAAE,WAAW;SAC/B,EACD,aAAa,CACd,CAAA;QAED,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YAClB,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAA;YACnC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,sBAAsB,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAA;QAC5D,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;YACrB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;QAC9C,CAAC;QAED,IAAI,CAAC,wBAAwB,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAO,CAAC,EAAE,CAAC;YACzE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;IACH,CAAC;SAAM,IAAI,GAAG,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,EAAE,QAAQ,EAAE,eAAe,EAAE,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;QACvD,IAAI,CAAC,eAAe,IAAI,CAAC,QAAQ,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1D,OAAO,CAAC,KAAK,CACX,qGAAqG,CACtG,CAAA;YACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,aAAa,EAAE;YAC1C,QAAQ,EAAE,GAAG,CAAC,IAAI,CAAC,QAAS;YAC5B,OAAO,EAAE,GAAG,CAAC,IAAI,CAAC,OAAQ;YAC1B,eAAe,EAAE,GAAG,CAAC,IAAI,CAAC,eAAe;SAC1C,CAAC,CAAA;QAEF,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;IAC/C,CAAC;SAAM,IAAI,GAAG,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;QACzC,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,GAAG,GAAG,CAAC,IAAI,CAAA;QACjD,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAA;YACvE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;QACjB,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,aAAa,EAAE;YAC3C,SAAS,EAAE,SAAU;YACrB,iBAAiB;SAClB,CAAC,CAAA;QAEF,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;IAC/C,CAAC;AACH,CAAC,CAAA;AAED,IAAI,EAAE;KACH,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;IACX,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;IAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC,CAAC;KACD,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC;KACd,OAAO,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;AAEpB;;;;;GAKG;AACH,SAAS,uBAAuB,CAAC,WAAqB;IACpD,MAAM,UAAU,GAAsC,EAAE,CAAA;IACxD,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;QAC9B,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACvC,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;YAC/B,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACtB,UAAU,CAAC,OAAO,CAAC,GAAG,MAAM,CAAA;YAC9B,CAAC;iBAAM,CAAC;gBACN,UAAU,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAA;YACjC,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,UAAU,CAAA;AACnB,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cloud-copilot/iam-lens",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.13",
|
|
4
4
|
"description": "Visibility in IAM in and across AWS accounts",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"aws",
|
|
@@ -113,7 +113,9 @@
|
|
|
113
113
|
"@cloud-copilot/cli": "^0.1.30",
|
|
114
114
|
"@cloud-copilot/iam-collect": "^0.1.81",
|
|
115
115
|
"@cloud-copilot/iam-data": "^0.9.202505242",
|
|
116
|
+
"@cloud-copilot/iam-expand": "^0.11.13",
|
|
116
117
|
"@cloud-copilot/iam-policy": "^0.1.27",
|
|
118
|
+
"@cloud-copilot/iam-shrink": "^0.1.21",
|
|
117
119
|
"@cloud-copilot/iam-simulate": "^0.1.42",
|
|
118
120
|
"@cloud-copilot/iam-utils": "^0.1.7"
|
|
119
121
|
}
|