@cloud-copilot/iam-lens 0.1.7 → 0.1.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +263 -1
- package/dist/cjs/cli.js +56 -8
- package/dist/cjs/cli.js.map +1 -1
- package/dist/cjs/collect/client.d.ts +37 -2
- package/dist/cjs/collect/client.d.ts.map +1 -1
- package/dist/cjs/collect/client.js +126 -27
- package/dist/cjs/collect/client.js.map +1 -1
- package/dist/cjs/principals.d.ts +0 -5
- package/dist/cjs/principals.d.ts.map +1 -1
- package/dist/cjs/principals.js +0 -9
- package/dist/cjs/principals.js.map +1 -1
- package/dist/cjs/resources.js +1 -1
- package/dist/cjs/resources.js.map +1 -1
- package/dist/cjs/{contextKeys.d.ts → simulate/contextKeys.d.ts} +1 -1
- package/dist/cjs/simulate/contextKeys.d.ts.map +1 -0
- package/dist/cjs/{contextKeys.js → simulate/contextKeys.js} +1 -1
- package/dist/cjs/simulate/contextKeys.js.map +1 -0
- package/dist/cjs/{simulate.d.ts → simulate/simulate.d.ts} +4 -2
- package/dist/cjs/simulate/simulate.d.ts.map +1 -0
- package/dist/cjs/{simulate.js → simulate/simulate.js} +38 -20
- package/dist/cjs/simulate/simulate.js.map +1 -0
- package/dist/cjs/test-datasets/testClient.d.ts +9 -0
- package/dist/cjs/test-datasets/testClient.d.ts.map +1 -0
- package/dist/cjs/test-datasets/testClient.js +28 -0
- package/dist/cjs/test-datasets/testClient.js.map +1 -0
- package/dist/cjs/utils/arn.d.ts +22 -0
- package/dist/cjs/utils/arn.d.ts.map +1 -0
- package/dist/cjs/utils/arn.js +49 -0
- package/dist/cjs/utils/arn.js.map +1 -0
- package/dist/cjs/utils/sts.d.ts +2 -0
- package/dist/cjs/utils/sts.d.ts.map +1 -0
- package/dist/cjs/utils/sts.js +9 -0
- package/dist/cjs/utils/sts.js.map +1 -0
- package/dist/cjs/whoCan/whoCan.d.ts +54 -0
- package/dist/cjs/whoCan/whoCan.d.ts.map +1 -0
- package/dist/cjs/whoCan/whoCan.js +320 -0
- package/dist/cjs/whoCan/whoCan.js.map +1 -0
- package/dist/esm/cli.js +56 -8
- package/dist/esm/cli.js.map +1 -1
- package/dist/esm/collect/client.d.ts +37 -2
- package/dist/esm/collect/client.d.ts.map +1 -1
- package/dist/esm/collect/client.js +125 -27
- package/dist/esm/collect/client.js.map +1 -1
- package/dist/esm/principals.d.ts +0 -5
- package/dist/esm/principals.d.ts.map +1 -1
- package/dist/esm/principals.js +0 -8
- package/dist/esm/principals.js.map +1 -1
- package/dist/esm/resources.js +1 -1
- package/dist/esm/resources.js.map +1 -1
- package/dist/esm/{contextKeys.d.ts → simulate/contextKeys.d.ts} +1 -1
- package/dist/esm/simulate/contextKeys.d.ts.map +1 -0
- package/dist/esm/{contextKeys.js → simulate/contextKeys.js} +1 -1
- package/dist/esm/simulate/contextKeys.js.map +1 -0
- package/dist/esm/{simulate.d.ts → simulate/simulate.d.ts} +4 -2
- package/dist/esm/simulate/simulate.d.ts.map +1 -0
- package/dist/esm/{simulate.js → simulate/simulate.js} +37 -20
- package/dist/esm/simulate/simulate.js.map +1 -0
- package/dist/esm/test-datasets/testClient.d.ts +9 -0
- package/dist/esm/test-datasets/testClient.d.ts.map +1 -0
- package/dist/esm/test-datasets/testClient.js +25 -0
- package/dist/esm/test-datasets/testClient.js.map +1 -0
- package/dist/esm/utils/arn.d.ts +22 -0
- package/dist/esm/utils/arn.d.ts.map +1 -0
- package/dist/esm/utils/arn.js +43 -0
- package/dist/esm/utils/arn.js.map +1 -0
- package/dist/esm/utils/sts.d.ts +2 -0
- package/dist/esm/utils/sts.d.ts.map +1 -0
- package/dist/esm/utils/sts.js +6 -0
- package/dist/esm/utils/sts.js.map +1 -0
- package/dist/esm/whoCan/whoCan.d.ts +54 -0
- package/dist/esm/whoCan/whoCan.d.ts.map +1 -0
- package/dist/esm/whoCan/whoCan.js +311 -0
- package/dist/esm/whoCan/whoCan.js.map +1 -0
- package/package.json +1 -1
- package/dist/cjs/accounts.d.ts +0 -3
- package/dist/cjs/accounts.d.ts.map +0 -1
- package/dist/cjs/accounts.js +0 -8
- package/dist/cjs/accounts.js.map +0 -1
- package/dist/cjs/contextKeys.d.ts.map +0 -1
- package/dist/cjs/contextKeys.js.map +0 -1
- package/dist/cjs/simulate.d.ts.map +0 -1
- package/dist/cjs/simulate.js.map +0 -1
- package/dist/esm/accounts.d.ts +0 -3
- package/dist/esm/accounts.d.ts.map +0 -1
- package/dist/esm/accounts.js +0 -5
- package/dist/esm/accounts.js.map +0 -1
- package/dist/esm/contextKeys.d.ts.map +0 -1
- package/dist/esm/contextKeys.js.map +0 -1
- package/dist/esm/simulate.d.ts.map +0 -1
- package/dist/esm/simulate.js.map +0 -1
|
@@ -55,15 +55,34 @@ interface OrganizationMetadata {
|
|
|
55
55
|
TAG_POLICY?: boolean;
|
|
56
56
|
};
|
|
57
57
|
}
|
|
58
|
+
interface OrgStructureNode {
|
|
59
|
+
children?: OrgStructure | undefined;
|
|
60
|
+
accounts?: string[] | undefined;
|
|
61
|
+
}
|
|
62
|
+
interface OrgStructure {
|
|
63
|
+
[key: string]: OrgStructureNode;
|
|
64
|
+
}
|
|
65
|
+
export interface IamCollectClientOptions {
|
|
66
|
+
enableCaching?: boolean;
|
|
67
|
+
}
|
|
58
68
|
export declare class IamCollectClient {
|
|
59
69
|
private storageClient;
|
|
60
|
-
|
|
70
|
+
private _cache;
|
|
71
|
+
private _enableCaching;
|
|
72
|
+
constructor(storageClient: AwsIamStore, clientOptions?: IamCollectClientOptions);
|
|
73
|
+
private withCache;
|
|
61
74
|
/**
|
|
62
75
|
* Checks if an account exists in the store.
|
|
63
76
|
* @param accountId The ID of the account to check.
|
|
64
77
|
* @returns True if the account exists, false otherwise.
|
|
65
78
|
*/
|
|
66
79
|
accountExists(accountId: string): Promise<boolean>;
|
|
80
|
+
/**
|
|
81
|
+
* Get all account IDs in the store.
|
|
82
|
+
*
|
|
83
|
+
* @returns all account IDs in the store
|
|
84
|
+
*/
|
|
85
|
+
allAccounts(): Promise<string[]>;
|
|
67
86
|
/**
|
|
68
87
|
* Checks if a principal exists in the store.
|
|
69
88
|
* @param principalArn The ARN of the principal to check.
|
|
@@ -121,7 +140,7 @@ export declare class IamCollectClient {
|
|
|
121
140
|
* @param orgId The ID of the organization.
|
|
122
141
|
* @returns The account data for the organization.
|
|
123
142
|
*/
|
|
124
|
-
getAccountDataForOrg(orgId: string): Promise<OrgAccounts>;
|
|
143
|
+
getAccountDataForOrg(orgId: string): Promise<OrgAccounts | undefined>;
|
|
125
144
|
/**
|
|
126
145
|
* Gets the org units data for an organization.
|
|
127
146
|
* @param orgId The ID of the organization.
|
|
@@ -266,6 +285,22 @@ export declare class IamCollectClient {
|
|
|
266
285
|
* @returns a unique ID for the resource, or undefined if not found
|
|
267
286
|
*/
|
|
268
287
|
getUniqueIdForIamResource(resourceArn: string): Promise<string | undefined>;
|
|
288
|
+
/**
|
|
289
|
+
* Get the account IDs for an organization.
|
|
290
|
+
*
|
|
291
|
+
* @param organizationId the ID of the organization
|
|
292
|
+
* @returns a tuple containing a boolean indicating success and an array of account IDs
|
|
293
|
+
*/
|
|
294
|
+
getAccountsForOrganization(organizationId: string): Promise<[boolean, string[]]>;
|
|
295
|
+
/**
|
|
296
|
+
* Get the organization structure or an organization.
|
|
297
|
+
*
|
|
298
|
+
* @param orgId the ID of the organization
|
|
299
|
+
* @returns returns the organization structure or undefined if not found
|
|
300
|
+
*/
|
|
301
|
+
getOrganizationStructure(orgId: string): Promise<OrgStructure | undefined>;
|
|
302
|
+
getAccountsForOrgPath(orgId: string, ouIds: string[]): Promise<[boolean, string[]]>;
|
|
303
|
+
getAllPrincipalsInAccount(accountId: string): Promise<string[]>;
|
|
269
304
|
}
|
|
270
305
|
export {};
|
|
271
306
|
//# sourceMappingURL=client.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../../src/collect/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AAIxD,MAAM,WAAW,qBAAqB;IACpC,aAAa,EAAE,MAAM,CAAA;IACrB,QAAQ,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,GAAG,CAAA;KAAE,EAAE,CAAA;CAC1C;AAED,UAAU,eAAe;IACvB,GAAG,EAAE,MAAM,CAAA;IACX,IAAI,EAAE,MAAM,CAAA;IACZ,kBAAkB,EAAE,MAAM,CAAA;IAC1B,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;CAChB;
|
|
1
|
+
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../../src/collect/client.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAA;AAIxD,MAAM,WAAW,qBAAqB;IACpC,aAAa,EAAE,MAAM,CAAA;IACrB,QAAQ,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,GAAG,CAAA;KAAE,EAAE,CAAA;CAC1C;AAED,UAAU,eAAe;IACvB,GAAG,EAAE,MAAM,CAAA;IACX,IAAI,EAAE,MAAM,CAAA;IACZ,kBAAkB,EAAE,MAAM,CAAA;IAC1B,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;CAChB;AAWD,MAAM,WAAW,SAAS;IACxB,GAAG,EAAE,MAAM,CAAA;IACX,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,EAAE,GAAG,CAAA;CACZ;AAOD,MAAM,WAAW,aAAa;IAC5B,GAAG,EAAE,MAAM,CAAA;IACX,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,EAAE,GAAG,CAAA;CACZ;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAA;IACZ,MAAM,EAAE,GAAG,CAAA;CACZ;AAED,UAAU,UAAU;IAClB,EAAE,EAAE,MAAM,CAAA;IACV,IAAI,EAAE,MAAM,EAAE,CAAA;IACd,IAAI,EAAE,MAAM,EAAE,CAAA;CACf;AAED,KAAK,WAAW,GAAG,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAA;AAQ7C,UAAU,cAAc;IACtB,MAAM,EAAE,MAAM,GAAG,SAAS,CAAA;IAC1B,IAAI,EAAE,MAAM,EAAE,CAAA;IACd,IAAI,EAAE,MAAM,EAAE,CAAA;CACf;AAED,KAAK,QAAQ,GAAG,MAAM,CAAC,MAAM,EAAE,cAAc,CAAC,CAAA;AAE9C,KAAK,aAAa,GAAG,MAAM,GAAG,MAAM,CAAA;AAEpC,UAAU,oBAAoB;IAC5B,EAAE,EAAE,MAAM,CAAA;IACV,GAAG,EAAE,MAAM,CAAA;IACX,MAAM,EAAE,MAAM,CAAA;IACd,cAAc,EAAE,MAAM,CAAA;IACtB,aAAa,EAAE,MAAM,CAAA;IACrB,QAAQ,EAAE;QACR,yBAAyB,CAAC,EAAE,OAAO,CAAA;QACnC,aAAa,CAAC,EAAE,OAAO,CAAA;QACvB,uBAAuB,CAAC,EAAE,OAAO,CAAA;QACjC,sBAAsB,CAAC,EAAE,OAAO,CAAA;QAChC,UAAU,CAAC,EAAE,OAAO,CAAA;KACrB,CAAA;CACF;AAQD,UAAU,gBAAgB;IACxB,QAAQ,CAAC,EAAE,YAAY,GAAG,SAAS,CAAA;IACnC,QAAQ,CAAC,EAAE,MAAM,EAAE,GAAG,SAAS,CAAA;CAChC;AAED,UAAU,YAAY;IACpB,CAAC,GAAG,EAAE,MAAM,GAAG,gBAAgB,CAAA;CAChC;AAED,MAAM,WAAW,uBAAuB;IACtC,aAAa,CAAC,EAAE,OAAO,CAAA;CACxB;AAED,qBAAa,gBAAgB;IAKzB,OAAO,CAAC,aAAa;IAJvB,OAAO,CAAC,MAAM,CAA0B;IACxC,OAAO,CAAC,cAAc,CAAS;gBAGrB,aAAa,EAAE,WAAW,EAClC,aAAa,CAAC,EAAE,uBAAuB;YAM3B,SAAS;IAWvB;;;;OAIG;IACG,aAAa,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKxD;;;;OAIG;IACG,WAAW,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAItC;;;;OAIG;IACG,eAAe,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAU7D;;;;OAIG;IACG,yBAAyB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,EAAE,CAAC;IAIpF;;;;;OAKG;IACG,+BAA+B,CACnC,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,aAAa,GACxB,OAAO,CAAC,qBAAqB,EAAE,CAAC;IAyCnC;;;;;OAKG;IACG,6BAA6B,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAkBzE;;;;OAIG;IACG,sBAAsB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAU5E;;;;;OAKG;IACG,4BAA4B,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAM5F;;;;OAIG;IACG,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;IAIhE;;;;;OAKG;IACG,wBAAwB,CAC5B,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,aAAa,GACxB,OAAO,CAAC,SAAS,EAAE,CAAC;IAkBvB;;;;OAIG;IACG,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;IAI3E;;;;OAIG;IACG,qBAAqB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;IAI7D;;;;;;OAMG;IACG,YAAY,CAChB,KAAK,EAAE,MAAM,EACb,UAAU,EAAE,aAAa,EACzB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,SAAS,CAAC;IAuBrB;;;;OAIG;IACG,iBAAiB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;IAIhE;;;;OAIG;IACG,yBAAyB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,EAAE,CAAC;IAIpF;;;;;OAKG;IACG,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;IAI/E;;;;;;OAMG;IACG,wBAAwB,CAC5B,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,EACjB,UAAU,EAAE,aAAa,GACxB,OAAO,CAAC,SAAS,EAAE,CAAC;IAavB;;;;;OAKG;IACG,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;IAI/E;;;;OAIG;IACG,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAMxE;;;;OAIG;IACG,qBAAqB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAS5E;;;;OAIG;IACG,sBAAsB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IASzE;;;;OAIG;IACG,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAkBpE,gBAAgB,CAAC,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC;IAoBpF;;;;OAIG;IACG,wBAAwB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;IAalE,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,GAAG,SAAS,CAAC;IAU/E;;;;;OAKG;IACG,6BAA6B,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,SAAS,CAAC;IAgBxF;;;;OAIG;IACG,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAW1D;;;;;OAKG;IACG,0BAA0B,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAkBtE,yBAAyB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;IAapE,yBAAyB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;IAkBpE,wBAAwB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC;IAalE,6BAA6B,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,GAAG,SAAS,CAAC;IAgBxF;;;;;OAKG;IACG,uBAAuB,CAAC,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,oBAAoB,CAAC;IAOpF;;;;;;OAMG;IACG,uBAAuB,CAAC,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,GAAG,SAAS,CAAC;IAgB/F;;;;;;OAMG;IACG,uBAAuB,CAAC,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,GAAG,GAAG,SAAS,CAAC;IAQ/F;;;;;;OAMG;IACG,kBAAkB,CACtB,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAQlC;;;;;;;OAOG;IACG,yBAAyB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC;IAUjF;;;;;OAKG;IACG,0BAA0B,CAAC,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;IAStF;;;;;OAKG;IACG,wBAAwB,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,GAAG,SAAS,CAAC;IAO1E,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;IAwCnF,yBAAyB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;CAetE"}
|
|
@@ -1,7 +1,20 @@
|
|
|
1
1
|
import { splitArnParts } from '@cloud-copilot/iam-utils';
|
|
2
2
|
export class IamCollectClient {
|
|
3
|
-
constructor(storageClient) {
|
|
3
|
+
constructor(storageClient, clientOptions) {
|
|
4
4
|
this.storageClient = storageClient;
|
|
5
|
+
this._cache = {};
|
|
6
|
+
this._enableCaching = clientOptions?.enableCaching !== false;
|
|
7
|
+
}
|
|
8
|
+
// Generic cache helper
|
|
9
|
+
async withCache(cacheKey, fetcher) {
|
|
10
|
+
if (this._enableCaching && cacheKey in this._cache) {
|
|
11
|
+
return this._cache[cacheKey];
|
|
12
|
+
}
|
|
13
|
+
const value = await fetcher();
|
|
14
|
+
if (this._enableCaching) {
|
|
15
|
+
this._cache[cacheKey] = value;
|
|
16
|
+
}
|
|
17
|
+
return value;
|
|
5
18
|
}
|
|
6
19
|
/**
|
|
7
20
|
* Checks if an account exists in the store.
|
|
@@ -12,6 +25,14 @@ export class IamCollectClient {
|
|
|
12
25
|
const accounts = await this.storageClient.listAccountIds();
|
|
13
26
|
return accounts.includes(accountId);
|
|
14
27
|
}
|
|
28
|
+
/**
|
|
29
|
+
* Get all account IDs in the store.
|
|
30
|
+
*
|
|
31
|
+
* @returns all account IDs in the store
|
|
32
|
+
*/
|
|
33
|
+
async allAccounts() {
|
|
34
|
+
return this.storageClient.listAccountIds();
|
|
35
|
+
}
|
|
15
36
|
/**
|
|
16
37
|
* Checks if a principal exists in the store.
|
|
17
38
|
* @param principalArn The ARN of the principal to check.
|
|
@@ -37,36 +58,39 @@ export class IamCollectClient {
|
|
|
37
58
|
* @returns The policy hierarchy for the account.
|
|
38
59
|
*/
|
|
39
60
|
async getOrgPolicyHierarchyForAccount(accountId, policyType) {
|
|
40
|
-
const
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
|
|
49
|
-
|
|
50
|
-
|
|
51
|
-
|
|
52
|
-
const
|
|
61
|
+
const cacheKey = `orgPolicyHierarchy:${accountId}:${policyType}`;
|
|
62
|
+
return this.withCache(cacheKey, async () => {
|
|
63
|
+
const orgId = await this.getOrgIdForAccount(accountId);
|
|
64
|
+
if (!orgId) {
|
|
65
|
+
return [];
|
|
66
|
+
}
|
|
67
|
+
// SCPs and RCPs do not apply to the root account
|
|
68
|
+
const orgMetadata = await this.getOrganizationMetadata(orgId);
|
|
69
|
+
if (orgMetadata.rootAccountId === accountId) {
|
|
70
|
+
return [];
|
|
71
|
+
}
|
|
72
|
+
const policyHierarchy = [];
|
|
73
|
+
const orgHierarchy = await this.getOrgUnitHierarchyForAccount(accountId);
|
|
74
|
+
for (const ouId of orgHierarchy) {
|
|
75
|
+
const policies = await this.getOrgPoliciesForOrgUnit(orgId, ouId, policyType);
|
|
76
|
+
policyHierarchy.push({
|
|
77
|
+
orgIdentifier: ouId,
|
|
78
|
+
policies: policies.map((p) => ({
|
|
79
|
+
name: p.arn,
|
|
80
|
+
policy: p.policy
|
|
81
|
+
}))
|
|
82
|
+
});
|
|
83
|
+
}
|
|
84
|
+
const accountPolicies = await this.getOrgPoliciesForAccount(accountId, policyType);
|
|
53
85
|
policyHierarchy.push({
|
|
54
|
-
orgIdentifier:
|
|
55
|
-
policies:
|
|
86
|
+
orgIdentifier: accountId,
|
|
87
|
+
policies: accountPolicies.map((p) => ({
|
|
56
88
|
name: p.arn,
|
|
57
89
|
policy: p.policy
|
|
58
90
|
}))
|
|
59
91
|
});
|
|
60
|
-
|
|
61
|
-
const accountPolicies = await this.getOrgPoliciesForAccount(accountId, policyType);
|
|
62
|
-
policyHierarchy.push({
|
|
63
|
-
orgIdentifier: accountId,
|
|
64
|
-
policies: accountPolicies.map((p) => ({
|
|
65
|
-
name: p.arn,
|
|
66
|
-
policy: p.policy
|
|
67
|
-
}))
|
|
92
|
+
return policyHierarchy;
|
|
68
93
|
});
|
|
69
|
-
return policyHierarchy;
|
|
70
94
|
}
|
|
71
95
|
/**
|
|
72
96
|
* Gets the OUs for an account. The first element is the root,
|
|
@@ -101,7 +125,7 @@ export class IamCollectClient {
|
|
|
101
125
|
if (!orgId) {
|
|
102
126
|
return undefined;
|
|
103
127
|
}
|
|
104
|
-
const accounts = await this.getAccountDataForOrg(orgId);
|
|
128
|
+
const accounts = (await this.getAccountDataForOrg(orgId));
|
|
105
129
|
return accounts[accountId].ou;
|
|
106
130
|
}
|
|
107
131
|
/**
|
|
@@ -134,7 +158,7 @@ export class IamCollectClient {
|
|
|
134
158
|
if (!orgId) {
|
|
135
159
|
return [];
|
|
136
160
|
}
|
|
137
|
-
const accounts = await this.getAccountDataForOrg(orgId);
|
|
161
|
+
const accounts = (await this.getAccountDataForOrg(orgId));
|
|
138
162
|
const orgInformation = accounts[accountId];
|
|
139
163
|
const policyArns = orgInformation[policyType];
|
|
140
164
|
const policies = [];
|
|
@@ -171,6 +195,9 @@ export class IamCollectClient {
|
|
|
171
195
|
const policyId = policyArn.split('/').at(-1);
|
|
172
196
|
const policyData = await this.storageClient.getOrganizationPolicyMetadata(orgId, policyType, policyId, 'metadata');
|
|
173
197
|
const policyDocument = await this.storageClient.getOrganizationPolicyMetadata(orgId, policyType, policyId, 'policy');
|
|
198
|
+
if (!policyDocument) {
|
|
199
|
+
console.error(`Policy document not found for ${policyArn} in org ${orgId}`);
|
|
200
|
+
}
|
|
174
201
|
return {
|
|
175
202
|
arn: policyData.arn,
|
|
176
203
|
name: policyData.name,
|
|
@@ -276,6 +303,9 @@ export class IamCollectClient {
|
|
|
276
303
|
async getManagedPolicy(accountId, policyArn) {
|
|
277
304
|
const policyMetadata = await this.storageClient.getResourceMetadata(accountId, policyArn, 'metadata');
|
|
278
305
|
const policyDocument = await this.storageClient.getResourceMetadata(accountId, policyArn, 'policy');
|
|
306
|
+
if (!policyDocument) {
|
|
307
|
+
console.error(`Policy document not found for ${policyArn} in account ${accountId}`);
|
|
308
|
+
}
|
|
279
309
|
return {
|
|
280
310
|
arn: policyMetadata.arn,
|
|
281
311
|
name: policyMetadata.name,
|
|
@@ -442,5 +472,73 @@ export class IamCollectClient {
|
|
|
442
472
|
const resourceMetadata = await this.storageClient.getResourceMetadata(accountId, resourceArn, 'metadata');
|
|
443
473
|
return resourceMetadata?.id;
|
|
444
474
|
}
|
|
475
|
+
/**
|
|
476
|
+
* Get the account IDs for an organization.
|
|
477
|
+
*
|
|
478
|
+
* @param organizationId the ID of the organization
|
|
479
|
+
* @returns a tuple containing a boolean indicating success and an array of account IDs
|
|
480
|
+
*/
|
|
481
|
+
async getAccountsForOrganization(organizationId) {
|
|
482
|
+
const organizationAccounts = await this.getAccountDataForOrg(organizationId);
|
|
483
|
+
if (!organizationAccounts) {
|
|
484
|
+
return [false, []];
|
|
485
|
+
}
|
|
486
|
+
const accountIds = Object.keys(organizationAccounts);
|
|
487
|
+
return [true, accountIds];
|
|
488
|
+
}
|
|
489
|
+
/**
|
|
490
|
+
* Get the organization structure or an organization.
|
|
491
|
+
*
|
|
492
|
+
* @param orgId the ID of the organization
|
|
493
|
+
* @returns returns the organization structure or undefined if not found
|
|
494
|
+
*/
|
|
495
|
+
async getOrganizationStructure(orgId) {
|
|
496
|
+
return this.storageClient.getOrganizationMetadata(orgId, 'structure');
|
|
497
|
+
}
|
|
498
|
+
async getAccountsForOrgPath(orgId, ouIds) {
|
|
499
|
+
const orgUnits = await this.getOrganizationStructure(orgId);
|
|
500
|
+
if (!orgUnits || ouIds.length === 0) {
|
|
501
|
+
return [false, []];
|
|
502
|
+
}
|
|
503
|
+
const rootOu = orgUnits[ouIds[0]];
|
|
504
|
+
// Now look through the structure to find the OU
|
|
505
|
+
let currentStructure = rootOu;
|
|
506
|
+
for (const ou of ouIds.slice(1)) {
|
|
507
|
+
currentStructure = currentStructure.children?.[ou];
|
|
508
|
+
if (!currentStructure) {
|
|
509
|
+
return [false, []]; // OU not found in the structure
|
|
510
|
+
}
|
|
511
|
+
}
|
|
512
|
+
const getAccountId = (a) => a.split('/').at(-1);
|
|
513
|
+
const accounts = [];
|
|
514
|
+
if (currentStructure.accounts) {
|
|
515
|
+
accounts.push(...currentStructure.accounts?.map(getAccountId));
|
|
516
|
+
}
|
|
517
|
+
const children = Object.values(currentStructure.children || {});
|
|
518
|
+
// Traverse the children to collect all accounts
|
|
519
|
+
while (children.length > 0) {
|
|
520
|
+
const child = children.shift();
|
|
521
|
+
if (child?.accounts) {
|
|
522
|
+
accounts.push(...child.accounts.map(getAccountId));
|
|
523
|
+
}
|
|
524
|
+
if (child?.children) {
|
|
525
|
+
children.push(...Object.values(child.children));
|
|
526
|
+
}
|
|
527
|
+
}
|
|
528
|
+
return [true, accounts];
|
|
529
|
+
}
|
|
530
|
+
async getAllPrincipalsInAccount(accountId) {
|
|
531
|
+
const iamUsers = await this.storageClient.findResourceMetadata(accountId, {
|
|
532
|
+
service: 'iam',
|
|
533
|
+
resourceType: 'user',
|
|
534
|
+
account: accountId
|
|
535
|
+
});
|
|
536
|
+
const iamRoles = await this.storageClient.findResourceMetadata(accountId, {
|
|
537
|
+
service: 'iam',
|
|
538
|
+
resourceType: 'role',
|
|
539
|
+
account: accountId
|
|
540
|
+
});
|
|
541
|
+
return [...iamUsers.map((user) => user.arn), ...iamRoles.map((role) => role.arn)];
|
|
542
|
+
}
|
|
445
543
|
}
|
|
446
544
|
//# sourceMappingURL=client.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/collect/client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAA;AA+FxD,MAAM,OAAO,gBAAgB;IAC3B,YAAoB,aAA0B;QAA1B,kBAAa,GAAb,aAAa,CAAa;IAAG,CAAC;IAElD;;;;OAIG;IACH,KAAK,CAAC,aAAa,CAAC,SAAiB;QACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,CAAA;QAC1D,OAAO,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;IACrC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CAAC,YAAoB;QACxC,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,SAAU,CAAA;QACxD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAChE,SAAS,EACT,YAAY,EACZ,UAAU,CACX,CAAA;QACD,OAAO,CAAC,CAAC,aAAa,CAAA;IACxB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,yBAAyB,CAAC,SAAiB;QAC/C,OAAO,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,+BAA+B,CACnC,SAAiB,EACjB,UAAyB;QAEzB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,CAAA;QACX,CAAC;QAED,iDAAiD;QACjD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAA;QAC7D,IAAI,WAAW,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;YAC5C,OAAO,EAAE,CAAA;QACX,CAAC;QAED,MAAM,eAAe,GAA4B,EAAE,CAAA;QACnD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,SAAS,CAAC,CAAA;QAExE,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,UAAU,CAAC,CAAA;YAE7E,eAAe,CAAC,IAAI,CAAC;gBACnB,aAAa,EAAE,IAAI;gBACnB,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC7B,IAAI,EAAE,CAAC,CAAC,GAAG;oBACX,MAAM,EAAE,CAAC,CAAC,MAAM;iBACjB,CAAC,CAAC;aACJ,CAAC,CAAA;QACJ,CAAC;QAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;QAClF,eAAe,CAAC,IAAI,CAAC;YACnB,aAAa,EAAE,SAAS;YACxB,QAAQ,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACpC,IAAI,EAAE,CAAC,CAAC,GAAG;gBACX,MAAM,EAAE,CAAC,CAAC,MAAM;aACjB,CAAC,CAAC;SACJ,CAAC,CAAA;QAEF,OAAO,eAAe,CAAA;IACxB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,6BAA6B,CAAC,SAAiB;QACnD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,CAAA;QACX,CAAC;QACD,MAAM,KAAK,GAAa,EAAE,CAAA;QAC1B,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,CAAA;QACvD,KAAK,CAAC,IAAI,CAAC,IAAK,CAAC,CAAA;QACjB,OAAO,IAAI,EAAE,CAAC;YACZ,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,4BAA4B,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;YACvE,IAAI,UAAU,EAAE,CAAC;gBACf,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;YAC3B,CAAC;YACD,IAAI,GAAG,UAAU,CAAA;QACnB,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,sBAAsB,CAAC,SAAiB;QAC5C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAA;QACvD,OAAO,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,CAAA;IAC/B,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,4BAA4B,CAAC,KAAa,EAAE,IAAY;QAC5D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAA;QACtD,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA;QACvB,OAAO,EAAE,CAAC,MAAM,CAAA;IAClB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,SAAiB;QACvC,OAAO,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IACzD,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,wBAAwB,CAC5B,SAAiB,EACjB,UAAyB;QAEzB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,CAAA;QACX,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAA;QACvD,MAAM,cAAc,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAA;QAC1C,MAAM,UAAU,GAAG,cAAc,CAAC,UAAU,CAAC,CAAA;QAC7C,MAAM,QAAQ,GAAgB,EAAE,CAAA;QAChC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;YACnC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,EAAE,SAAS,CAAC,CAAA;YACxE,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QAC3B,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,oBAAoB,CAAC,KAAa;QACtC,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAA2B,KAAK,EAAE,UAAU,CAAC,CAAA;IAChG,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,qBAAqB,CAAC,KAAa;QACvC,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAAqB,KAAK,EAAE,KAAK,CAAC,CAAA;IACrF,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,YAAY,CAChB,KAAa,EACb,UAAyB,EACzB,SAAiB;QAEjB,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;QAC7C,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,6BAA6B,CAGvE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAA;QAC1C,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,6BAA6B,CAC3E,KAAK,EACL,UAAU,EACV,QAAQ,EACR,QAAQ,CACT,CAAA;QAED,OAAO;YACL,GAAG,EAAE,UAAU,CAAC,GAAG;YACnB,IAAI,EAAE,UAAU,CAAC,IAAI;YACrB,MAAM,EAAE,cAAc;SACvB,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,SAAiB;QACvC,OAAO,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IACzD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,yBAAyB,CAAC,SAAiB;QAC/C,OAAO,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CAAC,KAAa,EAAE,SAAiB;QACtD,OAAO,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,wBAAwB,CAC5B,KAAa,EACb,SAAiB,EACjB,UAAyB;QAEzB,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAA;QAClE,MAAM,OAAO,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAA;QAC7C,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;QACvC,MAAM,QAAQ,GAAgB,EAAE,CAAA;QAChC,KAAK,MAAM,SAAS,IAAI,WAAW,EAAE,CAAC;YACpC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,EAAE,SAAS,CAAC,CAAA;YACxE,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QAC3B,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CAAC,KAAa,EAAE,SAAiB;QACtD,OAAO,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,kBAAkB,CAAC,SAAiB;QACxC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAyB,kBAAkB,EAAE,EAAE,CAAC,CAAA;QAC/F,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAA;QAClC,OAAO,eAAe,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,qBAAqB,CAAC,UAAkB;QAC5C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAC7C,qBAAqB,EACrB,EAAE,CACH,CAAA;QACD,MAAM,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAA;QACrC,OAAO,kBAAkB,CAAC,UAAU,CAAC,EAAE,SAAS,CAAA;IAClD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,sBAAsB,CAAC,MAAc;QACzC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAC7C,yBAAyB,EACzB,EAAE,CACH,CAAA;QACD,MAAM,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAA;QACrC,OAAO,kBAAkB,CAAC,MAAM,CAAC,CAAA;IACnC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,yBAAyB,CAAC,OAAe;QAC7C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAClE,SAAS,EACT,OAAO,EACP,kBAAkB,EAClB,EAAE,CACH,CAAA;QAED,MAAM,OAAO,GAAoB,EAAE,CAAA;QAEnC,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,SAAiB,EAAE,SAAiB;QACzD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC,CAAA;QACnC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CACjE,SAAS,EACT,SAAS,EACT,QAAQ,CACT,CAAA;QACD,OAAO;YACL,GAAG,EAAE,cAAc,CAAC,GAAG;YACvB,IAAI,EAAE,cAAc,CAAC,IAAI;YACzB,MAAM,EAAE,cAAc;SACvB,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,wBAAwB,CAAC,OAAe;QAC5C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,OAAO,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAE5C,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,CAAC,UAAU;YAClB,MAAM,EAAE,CAAC,CAAC,cAAc;SACzB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,OAAe;QACtC,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,mFAAmF;QACnF,OAAO,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAC3C,SAAS,EACT,OAAO,EACP,UAAU,CACX,CAAA;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,6BAA6B,CAAC,OAAe;QACjD,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,mFAAmF;QACnF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAA;QAC3D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,sBAAsB,GAAG,YAAY,CAAC,kBAAkB,CAAA;QAC9D,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC5B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,OAAO,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,sBAAsB,CAAC,CAAA;IACjE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,gBAAgB,CAAC,OAAe;QACpC,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CACzD,SAAS,EACT,OAAO,EACP,QAAQ,EACR,EAAE,CACH,CAAA;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,0BAA0B,CAAC,QAAgB;QAC/C,MAAM,SAAS,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC,SAAU,CAAA;QACpD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAClE,SAAS,EACT,QAAQ,EACR,kBAAkB,EAClB,EAAE,CACH,CAAA;QAED,MAAM,OAAO,GAAoB,EAAE,CAAA;QAEnC,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,QAAgB;QAC9C,MAAM,SAAS,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC,SAAU,CAAA;QACpD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAE7C,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,CAAC,UAAU;YAClB,MAAM,EAAE,CAAC,CAAC,cAAc;SACzB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,OAAe;QAC7C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAClE,SAAS,EACT,OAAO,EACP,kBAAkB,EAClB,EAAE,CACH,CAAA;QAED,MAAM,OAAO,GAAoB,EAAE,CAAA;QAEnC,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,OAAe;QAC5C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,OAAO,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAE5C,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,CAAC,UAAU;YAClB,MAAM,EAAE,CAAC,CAAC,cAAc;SACzB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,6BAA6B,CAAC,OAAe;QACjD,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,mFAAmF;QACnF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAA;QAC3D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,sBAAsB,GAAG,YAAY,CAAC,kBAAkB,CAAA;QAC9D,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC5B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,OAAO,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,sBAAsB,CAAC,CAAA;IACjE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,uBAAuB,CAAC,cAAsB;QAClD,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAC/C,cAAc,EACd,UAAU,CACX,CAAA;IACH,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,uBAAuB,CAAC,WAAmB,EAAE,SAAiB;QAClE,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;QAC3C,IAAI,WAAW,GAAG,QAAQ,CAAA;QAE1B,IAAI,QAAQ,CAAC,OAAO,KAAK,KAAK,IAAI,QAAQ,CAAC,YAAY,KAAK,MAAM,EAAE,CAAC;YACnE,WAAW,GAAG,cAAc,CAAA;QAC9B,CAAC;QAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CACjE,SAAS,EACT,WAAW,EACX,WAAW,CACZ,CAAA;QACD,OAAO,cAAc,CAAA;IACvB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,uBAAuB,CAAC,WAAmB,EAAE,SAAiB;QAClE,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,CAC5D,SAAS,EACT,WAAW,CACZ,CAAA;QACD,OAAO,cAAc,EAAE,MAAM,CAAA;IAC/B,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,kBAAkB,CACtB,WAAmB,EACnB,SAAiB;QAEjB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGvD,SAAS,EAAE,WAAW,EAAE,MAAM,CAAC,CAAA;QACjC,OAAO,IAAI,IAAI,EAAE,CAAA;IACnB,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,yBAAyB,CAAC,WAAmB;QACjD,MAAM,SAAS,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC,SAAU,CAAA;QACvD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGnE,SAAS,EAAE,WAAW,EAAE,UAAU,CAAC,CAAA;QAErC,OAAO,gBAAgB,EAAE,EAAE,CAAA;IAC7B,CAAC;CACF"}
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../../src/collect/client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAA;AA0GxD,MAAM,OAAO,gBAAgB;IAI3B,YACU,aAA0B,EAClC,aAAuC;QAD/B,kBAAa,GAAb,aAAa,CAAa;QAJ5B,WAAM,GAAwB,EAAE,CAAA;QAOtC,IAAI,CAAC,cAAc,GAAG,aAAa,EAAE,aAAa,KAAK,KAAK,CAAA;IAC9D,CAAC;IAED,uBAAuB;IACf,KAAK,CAAC,SAAS,CAAI,QAAgB,EAAE,OAAyB;QACpE,IAAI,IAAI,CAAC,cAAc,IAAI,QAAQ,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YACnD,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAA;QAC9B,CAAC;QACD,MAAM,KAAK,GAAG,MAAM,OAAO,EAAE,CAAA;QAC7B,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;YACxB,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAA;QAC/B,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,aAAa,CAAC,SAAiB;QACnC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,CAAA;QAC1D,OAAO,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAA;IACrC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,WAAW;QACf,OAAO,IAAI,CAAC,aAAa,CAAC,cAAc,EAAE,CAAA;IAC5C,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CAAC,YAAoB;QACxC,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,SAAU,CAAA;QACxD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAChE,SAAS,EACT,YAAY,EACZ,UAAU,CACX,CAAA;QACD,OAAO,CAAC,CAAC,aAAa,CAAA;IACxB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,yBAAyB,CAAC,SAAiB;QAC/C,OAAO,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,+BAA+B,CACnC,SAAiB,EACjB,UAAyB;QAEzB,MAAM,QAAQ,GAAG,sBAAsB,SAAS,IAAI,UAAU,EAAE,CAAA;QAChE,OAAO,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,KAAK,IAAI,EAAE;YACzC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;YACtD,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,EAAE,CAAA;YACX,CAAC;YACD,iDAAiD;YACjD,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,uBAAuB,CAAC,KAAK,CAAC,CAAA;YAC7D,IAAI,WAAW,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;gBAC5C,OAAO,EAAE,CAAA;YACX,CAAC;YAED,MAAM,eAAe,GAA4B,EAAE,CAAA;YACnD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,6BAA6B,CAAC,SAAS,CAAC,CAAA;YAExE,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;gBAChC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,UAAU,CAAC,CAAA;gBAE7E,eAAe,CAAC,IAAI,CAAC;oBACnB,aAAa,EAAE,IAAI;oBACnB,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;wBAC7B,IAAI,EAAE,CAAC,CAAC,GAAG;wBACX,MAAM,EAAE,CAAC,CAAC,MAAM;qBACjB,CAAC,CAAC;iBACJ,CAAC,CAAA;YACJ,CAAC;YAED,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAA;YAClF,eAAe,CAAC,IAAI,CAAC;gBACnB,aAAa,EAAE,SAAS;gBACxB,QAAQ,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBACpC,IAAI,EAAE,CAAC,CAAC,GAAG;oBACX,MAAM,EAAE,CAAC,CAAC,MAAM;iBACjB,CAAC,CAAC;aACJ,CAAC,CAAA;YAEF,OAAO,eAAe,CAAA;QACxB,CAAC,CAAC,CAAA;IACJ,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,6BAA6B,CAAC,SAAiB;QACnD,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,CAAA;QACX,CAAC;QACD,MAAM,KAAK,GAAa,EAAE,CAAA;QAC1B,IAAI,IAAI,GAAG,MAAM,IAAI,CAAC,sBAAsB,CAAC,SAAS,CAAC,CAAA;QACvD,KAAK,CAAC,IAAI,CAAC,IAAK,CAAC,CAAA;QACjB,OAAO,IAAI,EAAE,CAAC;YACZ,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,4BAA4B,CAAC,KAAK,EAAE,IAAI,CAAC,CAAA;YACvE,IAAI,UAAU,EAAE,CAAC;gBACf,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,CAAA;YAC3B,CAAC;YACD,IAAI,GAAG,UAAU,CAAA;QACnB,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,sBAAsB,CAAC,SAAiB;QAC5C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAE,CAAA;QAC1D,OAAO,QAAQ,CAAC,SAAS,CAAC,CAAC,EAAE,CAAA;IAC/B,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,4BAA4B,CAAC,KAAa,EAAE,IAAY;QAC5D,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAA;QACtD,MAAM,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,CAAA;QACvB,OAAO,EAAE,CAAC,MAAM,CAAA;IAClB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,SAAiB;QACvC,OAAO,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IACzD,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,wBAAwB,CAC5B,SAAiB,EACjB,UAAyB;QAEzB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,SAAS,CAAC,CAAA;QACtD,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,EAAE,CAAA;QACX,CAAC;QAED,MAAM,QAAQ,GAAG,CAAC,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAE,CAAA;QAC1D,MAAM,cAAc,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAA;QAC1C,MAAM,UAAU,GAAG,cAAc,CAAC,UAAU,CAAC,CAAA;QAC7C,MAAM,QAAQ,GAAgB,EAAE,CAAA;QAChC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;YACnC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,EAAE,SAAS,CAAC,CAAA;YACxE,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QAC3B,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,oBAAoB,CAAC,KAAa;QACtC,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAA2B,KAAK,EAAE,UAAU,CAAC,CAAA;IAChG,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,qBAAqB,CAAC,KAAa;QACvC,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAAqB,KAAK,EAAE,KAAK,CAAC,CAAA;IACrF,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,YAAY,CAChB,KAAa,EACb,UAAyB,EACzB,SAAiB;QAEjB,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;QAC7C,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,6BAA6B,CAGvE,KAAK,EAAE,UAAU,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAA;QAC1C,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,6BAA6B,CAC3E,KAAK,EACL,UAAU,EACV,QAAQ,EACR,QAAQ,CACT,CAAA;QACD,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,iCAAiC,SAAS,WAAW,KAAK,EAAE,CAAC,CAAA;QAC7E,CAAC;QAED,OAAO;YACL,GAAG,EAAE,UAAU,CAAC,GAAG;YACnB,IAAI,EAAE,UAAU,CAAC,IAAI;YACrB,MAAM,EAAE,cAAc;SACvB,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,iBAAiB,CAAC,SAAiB;QACvC,OAAO,IAAI,CAAC,wBAAwB,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IACzD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,yBAAyB,CAAC,SAAiB;QAC/C,OAAO,IAAI,CAAC,+BAA+B,CAAC,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CAAC,KAAa,EAAE,SAAiB;QACtD,OAAO,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,wBAAwB,CAC5B,KAAa,EACb,SAAiB,EACjB,UAAyB;QAEzB,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAA;QAClE,MAAM,OAAO,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAA;QAC7C,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAAA;QACvC,MAAM,QAAQ,GAAgB,EAAE,CAAA;QAChC,KAAK,MAAM,SAAS,IAAI,WAAW,EAAE,CAAC;YACpC,MAAM,UAAU,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,KAAK,EAAE,UAAU,EAAE,SAAS,CAAC,CAAA;YACxE,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QAC3B,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,iBAAiB,CAAC,KAAa,EAAE,SAAiB;QACtD,OAAO,IAAI,CAAC,wBAAwB,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,CAAC,CAAA;IAChE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,kBAAkB,CAAC,SAAiB;QACxC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAyB,kBAAkB,EAAE,EAAE,CAAC,CAAA;QAC/F,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAA;QAClC,OAAO,eAAe,CAAC,SAAS,CAAC,CAAA;IACnC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,qBAAqB,CAAC,UAAkB;QAC5C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAC7C,qBAAqB,EACrB,EAAE,CACH,CAAA;QACD,MAAM,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAA;QACrC,OAAO,kBAAkB,CAAC,UAAU,CAAC,EAAE,SAAS,CAAA;IAClD,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,sBAAsB,CAAC,MAAc;QACzC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,QAAQ,CAC7C,yBAAyB,EACzB,EAAE,CACH,CAAA;QACD,MAAM,kBAAkB,GAAG,KAAK,CAAC,IAAI,CAAA;QACrC,OAAO,kBAAkB,CAAC,MAAM,CAAC,CAAA;IACnC,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,yBAAyB,CAAC,OAAe;QAC7C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAClE,SAAS,EACT,OAAO,EACP,kBAAkB,EAClB,EAAE,CACH,CAAA;QAED,MAAM,OAAO,GAAoB,EAAE,CAAA;QAEnC,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,gBAAgB,CAAC,SAAiB,EAAE,SAAiB;QACzD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC,CAAA;QACnC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CACjE,SAAS,EACT,SAAS,EACT,QAAQ,CACT,CAAA;QACD,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,iCAAiC,SAAS,eAAe,SAAS,EAAE,CAAC,CAAA;QACrF,CAAC;QACD,OAAO;YACL,GAAG,EAAE,cAAc,CAAC,GAAG;YACvB,IAAI,EAAE,cAAc,CAAC,IAAI;YACzB,MAAM,EAAE,cAAc;SACvB,CAAA;IACH,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,wBAAwB,CAAC,OAAe;QAC5C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,OAAO,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAE5C,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,CAAC,UAAU;YAClB,MAAM,EAAE,CAAC,CAAC,cAAc;SACzB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,kBAAkB,CAAC,OAAe;QACtC,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,mFAAmF;QACnF,OAAO,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAC3C,SAAS,EACT,OAAO,EACP,UAAU,CACX,CAAA;IACH,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,6BAA6B,CAAC,OAAe;QACjD,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,mFAAmF;QACnF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAA;QAC3D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,sBAAsB,GAAG,YAAY,CAAC,kBAAkB,CAAA;QAC9D,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC5B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,OAAO,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,sBAAsB,CAAC,CAAA;IACjE,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,gBAAgB,CAAC,OAAe;QACpC,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CACzD,SAAS,EACT,OAAO,EACP,QAAQ,EACR,EAAE,CACH,CAAA;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,0BAA0B,CAAC,QAAgB;QAC/C,MAAM,SAAS,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC,SAAU,CAAA;QACpD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAClE,SAAS,EACT,QAAQ,EACR,kBAAkB,EAClB,EAAE,CACH,CAAA;QAED,MAAM,OAAO,GAAoB,EAAE,CAAA;QAEnC,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,QAAgB;QAC9C,MAAM,SAAS,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC,SAAU,CAAA;QACpD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,QAAQ,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAE7C,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,CAAC,UAAU;YAClB,MAAM,EAAE,CAAC,CAAC,cAAc;SACzB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,OAAe;QAC7C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAClE,SAAS,EACT,OAAO,EACP,kBAAkB,EAClB,EAAE,CACH,CAAA;QAED,MAAM,OAAO,GAAoB,EAAE,CAAA;QAEnC,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC,CAAA;QACjE,CAAC;QAED,OAAO,OAAO,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,wBAAwB,CAAC,OAAe;QAC5C,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGjE,SAAS,EAAE,OAAO,EAAE,iBAAiB,EAAE,EAAE,CAAC,CAAA;QAE5C,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,CAAC,CAAC,UAAU;YAClB,MAAM,EAAE,CAAC,CAAC,cAAc;SACzB,CAAC,CAAC,CAAA;IACL,CAAC;IAED,KAAK,CAAC,6BAA6B,CAAC,OAAe;QACjD,MAAM,SAAS,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,SAAU,CAAA;QACnD,mFAAmF;QACnF,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAA;QAC3D,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,MAAM,sBAAsB,GAAG,YAAY,CAAC,kBAAkB,CAAA;QAC9D,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAC5B,OAAO,SAAS,CAAA;QAClB,CAAC;QAED,OAAO,IAAI,CAAC,gBAAgB,CAAC,SAAS,EAAE,sBAAsB,CAAC,CAAA;IACjE,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,uBAAuB,CAAC,cAAsB;QAClD,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAC/C,cAAc,EACd,UAAU,CACX,CAAA;IACH,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,uBAAuB,CAAC,WAAmB,EAAE,SAAiB;QAClE,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;QAC3C,IAAI,WAAW,GAAG,QAAQ,CAAA;QAE1B,IAAI,QAAQ,CAAC,OAAO,KAAK,KAAK,IAAI,QAAQ,CAAC,YAAY,KAAK,MAAM,EAAE,CAAC;YACnE,WAAW,GAAG,cAAc,CAAA;QAC9B,CAAC;QAED,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CACjE,SAAS,EACT,WAAW,EACX,WAAW,CACZ,CAAA;QACD,OAAO,cAAc,CAAA;IACvB,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,uBAAuB,CAAC,WAAmB,EAAE,SAAiB;QAClE,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,cAAc,CAC5D,SAAS,EACT,WAAW,CACZ,CAAA;QACD,OAAO,cAAc,EAAE,MAAM,CAAA;IAC/B,CAAC;IAED;;;;;;OAMG;IACH,KAAK,CAAC,kBAAkB,CACtB,WAAmB,EACnB,SAAiB;QAEjB,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGvD,SAAS,EAAE,WAAW,EAAE,MAAM,CAAC,CAAA;QACjC,OAAO,IAAI,IAAI,EAAE,CAAA;IACnB,CAAC;IAED;;;;;;;OAOG;IACH,KAAK,CAAC,yBAAyB,CAAC,WAAmB;QACjD,MAAM,SAAS,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC,SAAU,CAAA;QACvD,MAAM,gBAAgB,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,mBAAmB,CAGnE,SAAS,EAAE,WAAW,EAAE,UAAU,CAAC,CAAA;QAErC,OAAO,gBAAgB,EAAE,EAAE,CAAA;IAC7B,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,0BAA0B,CAAC,cAAsB;QACrD,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,cAAc,CAAC,CAAA;QAC5E,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC1B,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;QACpB,CAAC;QACD,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAA;QACpD,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC,CAAA;IAC3B,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,wBAAwB,CAAC,KAAa;QAC1C,OAAO,IAAI,CAAC,aAAa,CAAC,uBAAuB,CAC/C,KAAK,EACL,WAAW,CACZ,CAAA;IACH,CAAC;IAED,KAAK,CAAC,qBAAqB,CAAC,KAAa,EAAE,KAAe;QACxD,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,wBAAwB,CAAC,KAAK,CAAC,CAAA;QAC3D,IAAI,CAAC,QAAQ,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;QACpB,CAAC;QAED,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAEjC,gDAAgD;QAChD,IAAI,gBAAgB,GAAiC,MAAM,CAAA;QAC3D,KAAK,MAAM,EAAE,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;YAChC,gBAAgB,GAAG,gBAAgB,CAAC,QAAQ,EAAE,CAAC,EAAE,CAAC,CAAA;YAClD,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA,CAAC,gCAAgC;YACrD,CAAC;QACH,CAAC;QAED,MAAM,YAAY,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;QAExD,MAAM,QAAQ,GAAG,EAAE,CAAA;QACnB,IAAI,gBAAgB,CAAC,QAAQ,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,QAAQ,EAAE,GAAG,CAAC,YAAY,CAAC,CAAC,CAAA;QAChE,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAA;QAE/D,gDAAgD;QAChD,OAAO,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;YAC9B,IAAI,KAAK,EAAE,QAAQ,EAAE,CAAC;gBACpB,QAAQ,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAA;YACpD,CAAC;YACD,IAAI,KAAK,EAAE,QAAQ,EAAE,CAAC;gBACpB,QAAQ,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAA;YACjD,CAAC;QACH,CAAC;QAED,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;IACzB,CAAC;IAED,KAAK,CAAC,yBAAyB,CAAC,SAAiB;QAC/C,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,oBAAoB,CAAmB,SAAS,EAAE;YAC1F,OAAO,EAAE,KAAK;YACd,YAAY,EAAE,MAAM;YACpB,OAAO,EAAE,SAAS;SACnB,CAAC,CAAA;QAEF,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,aAAa,CAAC,oBAAoB,CAAmB,SAAS,EAAE;YAC1F,OAAO,EAAE,KAAK;YACd,YAAY,EAAE,MAAM;YACpB,OAAO,EAAE,SAAS;SACnB,CAAC,CAAA;QAEF,OAAO,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAA;IACnF,CAAC;CACF"}
|
package/dist/esm/principals.d.ts
CHANGED
|
@@ -1,9 +1,4 @@
|
|
|
1
|
-
import { AwsIamStore } from '@cloud-copilot/iam-collect';
|
|
2
1
|
import { IamCollectClient, InlinePolicy, ManagedPolicy, SimulationOrgPolicies } from './collect/client.js';
|
|
3
|
-
/**
|
|
4
|
-
* Check if a principal exists in the specified AWS IAM store.
|
|
5
|
-
*/
|
|
6
|
-
export declare function principalExists(storageClient: AwsIamStore, principalArn: string): Promise<boolean>;
|
|
7
2
|
export interface PrincipalPolicies {
|
|
8
3
|
managedPolicies: ManagedPolicy[];
|
|
9
4
|
inlinePolicies: InlinePolicy[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"principals.d.ts","sourceRoot":"","sources":["../../src/principals.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"principals.d.ts","sourceRoot":"","sources":["../../src/principals.ts"],"names":[],"mappings":"AAOA,OAAO,EACL,gBAAgB,EAChB,YAAY,EACZ,aAAa,EACb,qBAAqB,EACtB,MAAM,qBAAqB,CAAA;AAE5B,MAAM,WAAW,iBAAiB;IAChC,eAAe,EAAE,aAAa,EAAE,CAAA;IAChC,cAAc,EAAE,YAAY,EAAE,CAAA;IAC9B,kBAAkB,EAAE,aAAa,GAAG,SAAS,CAAA;IAC7C,IAAI,EAAE,qBAAqB,EAAE,CAAA;IAC7B,IAAI,EAAE,qBAAqB,EAAE,CAAA;IAC7B,aAAa,CAAC,EAAE;QACd,KAAK,EAAE,MAAM,CAAA;QACb,eAAe,EAAE,aAAa,EAAE,CAAA;QAChC,cAAc,EAAE,YAAY,EAAE,CAAA;KAC/B,EAAE,CAAA;CACJ;AAED;;;;;;GAMG;AACH,wBAAsB,qBAAqB,CACzC,aAAa,EAAE,gBAAgB,EAC/B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,iBAAiB,CAAC,CA2B5B;AAED;;;;;;GAMG;AACH,wBAAsB,qBAAqB,CACzC,aAAa,EAAE,gBAAgB,EAC/B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,iBAAiB,CAAC,CAgB5B;AAED,wBAAsB,0BAA0B,CAC9C,aAAa,EAAE,gBAAgB,EAC/B,YAAY,EAAE,MAAM,GACnB,OAAO,CAAC,iBAAiB,CAAC,CAqB5B;AAED,wBAAgB,cAAc,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAEzD;AAED,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAE7D;AAED,wBAAgB,mBAAmB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAG9D"}
|
package/dist/esm/principals.js
CHANGED
|
@@ -1,12 +1,4 @@
|
|
|
1
1
|
import { convertAssumedRoleArnToRoleArn, isAssumedRoleArn, isIamRoleArn, isIamUserArn, splitArnParts } from '@cloud-copilot/iam-utils';
|
|
2
|
-
/**
|
|
3
|
-
* Check if a principal exists in the specified AWS IAM store.
|
|
4
|
-
*/
|
|
5
|
-
export async function principalExists(storageClient, principalArn) {
|
|
6
|
-
const accountId = splitArnParts(principalArn).accountId;
|
|
7
|
-
const principalData = await storageClient.getResourceMetadata(accountId, principalArn, 'metadata');
|
|
8
|
-
return !!principalData;
|
|
9
|
-
}
|
|
10
2
|
/**
|
|
11
3
|
* Get all the IAM policies for a user, including managed and inline policies, permission boundaries, and group policies.
|
|
12
4
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"principals.js","sourceRoot":"","sources":["../../src/principals.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"principals.js","sourceRoot":"","sources":["../../src/principals.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,8BAA8B,EAC9B,gBAAgB,EAChB,YAAY,EACZ,YAAY,EACZ,aAAa,EACd,MAAM,0BAA0B,CAAA;AAqBjC;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,aAA+B,EAC/B,YAAoB;IAEpB,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,SAAU,CAAA;IAExD,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,YAAY,CAAC,CAAA;IACnF,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,wBAAwB,CAAC,YAAY,CAAC,CAAA;IACjF,MAAM,kBAAkB,GAAG,MAAM,aAAa,CAAC,6BAA6B,CAAC,YAAY,CAAC,CAAA;IAC1F,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAA;IACjE,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;IACrE,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;IACrE,MAAM,aAAa,GAAG,EAAE,CAAA;IACxB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,oBAAoB,GAAG,MAAM,aAAa,CAAC,0BAA0B,CAAC,KAAK,CAAC,CAAA;QAClF,MAAM,mBAAmB,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,KAAK,CAAC,CAAA;QAChF,aAAa,CAAC,IAAI,CAAC;YACjB,KAAK;YACL,eAAe,EAAE,oBAAoB;YACrC,cAAc,EAAE,mBAAmB;SACpC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO;QACL,IAAI;QACJ,IAAI;QACJ,eAAe;QACf,cAAc;QACd,kBAAkB;QAClB,aAAa;KACd,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,aAA+B,EAC/B,YAAoB;IAEpB,MAAM,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,CAAC,SAAU,CAAA;IAExD,MAAM,eAAe,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,YAAY,CAAC,CAAA;IACnF,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,wBAAwB,CAAC,YAAY,CAAC,CAAA;IACjF,MAAM,kBAAkB,GAAG,MAAM,aAAa,CAAC,6BAA6B,CAAC,YAAY,CAAC,CAAA;IAC1F,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;IACrE,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;IAErE,OAAO;QACL,IAAI;QACJ,IAAI;QACJ,eAAe;QACf,cAAc;QACd,kBAAkB;KACnB,CAAA;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,0BAA0B,CAC9C,aAA+B,EAC/B,YAAoB;IAEpB,IAAI,kBAAkB,CAAC,YAAY,CAAC,EAAE,CAAC;QACrC,OAAO;YACL,IAAI,EAAE,EAAE;YACR,IAAI,EAAE,EAAE;YACR,eAAe,EAAE,EAAE;YACnB,cAAc,EAAE,EAAE;YAClB,kBAAkB,EAAE,SAAS;YAC7B,aAAa,EAAE,EAAE;SAClB,CAAA;IACH,CAAC;IAED,IAAI,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC;QAC/B,OAAO,qBAAqB,CAAC,aAAa,EAAE,YAAY,CAAC,CAAA;IAC3D,CAAC;SAAM,IAAI,YAAY,CAAC,YAAY,CAAC,EAAE,CAAC;QACtC,OAAO,qBAAqB,CAAC,aAAa,EAAE,YAAY,CAAC,CAAA;IAC3D,CAAC;SAAM,IAAI,gBAAgB,CAAC,YAAY,CAAC,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,8BAA8B,CAAC,YAAY,CAAC,CAAA;QAC5D,OAAO,qBAAqB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAA;IACtD,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,+BAA+B,YAAY,EAAE,CAAC,CAAA;AAChE,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,SAAiB;IAC9C,OAAO,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,CAAA;AACrC,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,SAAiB;IAClD,OAAO,CAAC,cAAc,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAA;AAC1E,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,SAAiB;IACnD,MAAM,QAAQ,GAAG,aAAa,CAAC,SAAS,CAAC,CAAA;IACzC,OAAO,cAAc,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,YAAY,EAAE,UAAU,CAAC,mBAAmB,CAAC,CAAA;AAC9F,CAAC"}
|
package/dist/esm/resources.js
CHANGED
|
@@ -13,7 +13,7 @@ export async function getAccountIdForResource(collectClient, resourceArn) {
|
|
|
13
13
|
return accountId;
|
|
14
14
|
}
|
|
15
15
|
if (arnParts.service === 's3' && arnParts.resourceType === '') {
|
|
16
|
-
const bucketName = arnParts.resourcePath;
|
|
16
|
+
const bucketName = arnParts.resourcePath.split('/')[0];
|
|
17
17
|
return collectClient.getAccountIdForBucket(bucketName);
|
|
18
18
|
}
|
|
19
19
|
else if (arnParts.service === 'apigateway' && arnParts.resourceType === 'restapis') {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"resources.js","sourceRoot":"","sources":["../../src/resources.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAA;AAGxD;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,aAA+B,EAC/B,WAAmB;IAEnB,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;IAC3C,IAAI,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAA;IAClC,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,SAAS,CAAA;IAClB,CAAC;IACD,IAAI,QAAQ,CAAC,OAAO,KAAK,IAAI,IAAI,QAAQ,CAAC,YAAY,KAAK,EAAE,EAAE,CAAC;QAC9D,MAAM,UAAU,GAAG,QAAQ,CAAC,YAAa,CAAA;
|
|
1
|
+
{"version":3,"file":"resources.js","sourceRoot":"","sources":["../../src/resources.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAA;AAGxD;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,aAA+B,EAC/B,WAAmB;IAEnB,MAAM,QAAQ,GAAG,aAAa,CAAC,WAAW,CAAC,CAAA;IAC3C,IAAI,SAAS,GAAG,QAAQ,CAAC,SAAS,CAAA;IAClC,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,SAAS,CAAA;IAClB,CAAC;IACD,IAAI,QAAQ,CAAC,OAAO,KAAK,IAAI,IAAI,QAAQ,CAAC,YAAY,KAAK,EAAE,EAAE,CAAC;QAC9D,MAAM,UAAU,GAAG,QAAQ,CAAC,YAAa,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;QACvD,OAAO,aAAa,CAAC,qBAAqB,CAAC,UAAU,CAAC,CAAA;IACxD,CAAC;SAAM,IAAI,QAAQ,CAAC,OAAO,KAAK,YAAY,IAAI,QAAQ,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;QACrF,MAAM,KAAK,GAAG,QAAQ,CAAC,YAAa,CAAA;QACpC,OAAO,aAAa,CAAC,sBAAsB,CAAC,KAAK,CAAC,CAAA;IACpD,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,aAA+B,EAC/B,WAAmB;IAEnB,MAAM,SAAS,GAAG,MAAM,uBAAuB,CAAC,aAAa,EAAE,WAAW,CAAC,CAAA;IAC3E,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,oDAAoD,WAAW,EAAE,CAAC,CAAA;IACpF,CAAC;IACD,OAAO,aAAa,CAAC,yBAAyB,CAAC,SAAS,CAAC,CAAA;AAC3D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,aAA+B,EAC/B,WAAmB;IAEnB,2CAA2C;IAC3C,MAAM,SAAS,GAAG,MAAM,uBAAuB,CAAC,aAAa,EAAE,WAAW,CAAC,CAAA;IAC3E,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,IAAI,KAAK,CAAC,oDAAoD,WAAW,EAAE,CAAC,CAAA;IACpF,CAAC;IACD,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,uBAAuB,CAAC,WAAW,EAAE,SAAS,CAAC,CAAA;IAC1F,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,cAAc,CAAA;IACvB,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,uBAAuB,CAAC,WAAW,EAAE,SAAS,CAAC,CAAA;IACrF,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,SAAS,CAAA;IAClB,CAAC;IAED,gEAAgE;IAChE,OAAO,SAAS,CAAA;AAClB,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { IamCollectClient } from '
|
|
1
|
+
import { IamCollectClient } from '../collect/client.js';
|
|
2
2
|
import { SimulationRequest } from './simulate.js';
|
|
3
3
|
export type ContextKeys = Record<string, string | string[]>;
|
|
4
4
|
export declare function createContextKeys(collectClient: IamCollectClient, simulationRequest: SimulationRequest, contextKeyOverrides: ContextKeys): Promise<ContextKeys>;
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"contextKeys.d.ts","sourceRoot":"","sources":["../../../src/simulate/contextKeys.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AAEvD,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAA;AAEjD,MAAM,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC,CAAA;AAE3D,wBAAsB,iBAAiB,CACrC,aAAa,EAAE,gBAAgB,EAC/B,iBAAiB,EAAE,iBAAiB,EACpC,mBAAmB,EAAE,WAAW,GAC/B,OAAO,CAAC,WAAW,CAAC,CAkGtB"}
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import { convertAssumedRoleArnToRoleArn, splitArnParts } from '@cloud-copilot/iam-utils';
|
|
2
|
-
import { isArnPrincipal, isServicePrincipal } from '
|
|
2
|
+
import { isArnPrincipal, isServicePrincipal } from '../principals.js';
|
|
3
3
|
export async function createContextKeys(collectClient, simulationRequest, contextKeyOverrides) {
|
|
4
4
|
const result = {
|
|
5
5
|
'aws:SecureTransport': 'true',
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"contextKeys.js","sourceRoot":"","sources":["../../../src/simulate/contextKeys.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,8BAA8B,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAA;AAExF,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,kBAAkB,CAAA;AAKrE,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,aAA+B,EAC/B,iBAAoC,EACpC,mBAAgC;IAEhC,MAAM,MAAM,GAAgB;QAC1B,qBAAqB,EAAE,MAAM;QAC7B,iBAAiB,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QAC3C,eAAe,EAAE,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,QAAQ,EAAE;KAC1D,CAAA;IAED,IAAI,cAAc,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,CAAC;QAChD,MAAM,CAAC,kBAAkB,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAA;QACxD,MAAM,QAAQ,GAAG,aAAa,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAA;QAC3D,MAAM,kBAAkB,GAAG,QAAQ,CAAC,SAAU,CAAA;QAC9C,MAAM,CAAC,sBAAsB,CAAC,GAAG,QAAQ,CAAC,SAAS,IAAI,EAAE,CAAA;QAEzD,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,kBAAkB,CAAC,kBAAkB,CAAC,CAAA;QACxE,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,CAAC,oBAAoB,CAAC,GAAG,KAAK,CAAA;YAEpC,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,6BAA6B,CAAC,kBAAkB,CAAC,CAAA;YAC1F,MAAM,CAAC,uBAAuB,CAAC,GAAG,CAAC,GAAG,KAAK,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QAC3E,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,aAAa,CAAC,kBAAkB,CACjD,iBAAiB,CAAC,SAAS,EAC3B,kBAAkB,CACnB,CAAA;QAED,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YAChD,MAAM,CAAC,oBAAoB,GAAG,EAAE,CAAC,GAAG,KAAK,CAAA;QAC3C,CAAC;QAED,MAAM,CAAC,2BAA2B,CAAC,GAAG,OAAO,CAAA;QAE7C,IAAI,iBAAiB,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAClD,MAAM,CAAC,mBAAmB,CAAC,GAAG,SAAS,CAAA;YACvC,MAAM,CAAC,YAAY,CAAC,GAAG,kBAAkB,CAAA;QAC3C,CAAC;aAAM,IAAI,QAAQ,CAAC,YAAY,KAAK,MAAM,EAAE,CAAC;YAC5C,MAAM,CAAC,mBAAmB,CAAC,GAAG,MAAM,CAAA;YACpC,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAChE,iBAAiB,CAAC,SAAS,CAC5B,CAAA;YACD,MAAM,CAAC,YAAY,CAAC,GAAG,YAAY,IAAI,SAAS,CAAA;YAChD,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;YAC1D,MAAM,CAAC,cAAc,CAAC,GAAG,QAAQ,CAAA;QACnC,CAAC;aAAM,IAAI,QAAQ,CAAC,YAAY,KAAK,gBAAgB,EAAE,CAAC;YACtD,MAAM,CAAC,mBAAmB,CAAC,GAAG,eAAe,CAAA;YAC7C,MAAM,CAAC,YAAY,CAAC,GAAG,GAAG,QAAQ,CAAC,SAAS,IAAI,QAAQ,CAAC,YAAY,EAAE,CAAA;QACzE,CAAC;aAAM,IAAI,QAAQ,CAAC,YAAY,KAAK,cAAc,EAAE,CAAC;YACpD,MAAM,CAAC,mBAAmB,CAAC,GAAG,aAAa,CAAA;YAE3C,MAAM,WAAW,GAAG,QAAQ,CAAC,YAAY,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAE,CAAA;YAC7D,MAAM,OAAO,GAAG,8BAA8B,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAA;YAC3E,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,yBAAyB,CAAC,OAAO,CAAC,CAAA;YAC3E,MAAM,CAAC,YAAY,CAAC,GAAG,GAAG,YAAY,IAAI,SAAS,IAAI,WAAW,EAAE,CAAA;QACtE,CAAC;IACH,CAAC;IAED,uBAAuB;IACvB,IAAI,CAAC,+BAA+B,CAAC,iBAAiB,CAAC,MAAM,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,qBAAqB,CAAC,GAAG,iBAAiB,CAAC,eAAgB,CAAA;QAElE,MAAM,aAAa,GAAG,MAAM,aAAa,CAAC,kBAAkB,CAAC,iBAAiB,CAAC,eAAgB,CAAC,CAAA;QAChG,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,CAAC,mBAAmB,CAAC,GAAG,aAAa,CAAA;YAE3C,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,6BAA6B,CACpE,iBAAiB,CAAC,eAAgB,CACnC,CAAA;YAED,MAAM,CAAC,sBAAsB,CAAC,GAAG,CAAC,GAAG,aAAa,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;QAClF,CAAC;IACH,CAAC;IAED,IAAI,iBAAiB,CAAC,WAAW,EAAE,CAAC;QAClC,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,kBAAkB,CACzD,iBAAiB,CAAC,WAAW,EAC7B,iBAAiB,CAAC,eAAgB,CACnC,CAAA;QAED,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;YACxD,MAAM,CAAC,mBAAmB,GAAG,EAAE,CAAC,GAAG,KAAK,CAAA;QAC1C,CAAC;IACH,CAAC;IAED,gCAAgC;IAChC,IAAI,kBAAkB,CAAC,iBAAiB,CAAC,SAAS,CAAC,EAAE,CAAC;QACpD,MAAM,CAAC,2BAA2B,CAAC,GAAG,MAAM,CAAA;QAC5C,MAAM,CAAC,0BAA0B,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAA;QAChE,MAAM,CAAC,mBAAmB,CAAC,GAAG,iBAAiB,CAAC,eAAgB,CAAA;QAChE,MAAM,CAAC,iBAAiB,CAAC,GAAG,MAAM,CAAC,mBAAmB,CAAC,CAAA;QACvD,MAAM,CAAC,oBAAoB,CAAC,GAAG,MAAM,CAAC,sBAAsB,CAAC,CAAA;IAC/D,CAAC;IAED,wCAAwC;IACxC,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,EAAE,CAAC;QAC/D,MAAM,CAAC,GAAG,CAAC,GAAG,KAAK,CAAA;IACrB,CAAC;IAED,OAAO,MAAM,CAAA;AACf,CAAC;AAED,MAAM,8BAA8B,GAAG,IAAI,GAAG,CAAC;IAC7C,6CAA6C;IAC7C,4BAA4B;IAC5B,0BAA0B;IAC1B,2CAA2C;IAC3C,kCAAkC;IAClC,gCAAgC;IAChC,kBAAkB;IAClB,2CAA2C;IAC3C,uBAAuB;IACvB,gCAAgC;IAChC,2CAA2C;IAC3C,gCAAgC;IAChC,2CAA2C;IAC3C,kCAAkC;IAClC,gCAAgC;IAChC,yCAAyC;IACzC,yBAAyB;IACzB,4BAA4B;IAC5B,oCAAoC;IACpC,2CAA2C;IAC3C,2CAA2C;IAC3C,uCAAuC;IACvC,8BAA8B;IAC9B,2CAA2C;CAC5C,CAAC,CAAA;AAEF,SAAS,+BAA+B,CAAC,MAAc;IACrD,MAAM,eAAe,GAAG,MAAM,CAAC,WAAW,EAAE,CAAA;IAC5C,OAAO,eAAe,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,8BAA8B,CAAC,GAAG,CAAC,eAAe,CAAC,CAAA;AAClG,CAAC"}
|
|
@@ -1,11 +1,13 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { EvaluationResult } from '@cloud-copilot/iam-simulate';
|
|
2
|
+
import { IamCollectClient } from '../collect/client.js';
|
|
2
3
|
import { ContextKeys } from './contextKeys.js';
|
|
3
4
|
export interface SimulationRequest {
|
|
4
|
-
resourceArn: string;
|
|
5
|
+
resourceArn: string | undefined;
|
|
5
6
|
resourceAccount: string | undefined;
|
|
6
7
|
action: string;
|
|
7
8
|
principal: string;
|
|
8
9
|
customContextKeys: ContextKeys;
|
|
9
10
|
}
|
|
10
11
|
export declare function simulateRequest(simulationRequest: SimulationRequest, collectClient: IamCollectClient): Promise<import("@cloud-copilot/iam-simulate").SimulationResult>;
|
|
12
|
+
export declare function resultMatchesExpectation(expected: EvaluationResult | 'AnyDeny' | undefined, result: EvaluationResult): boolean;
|
|
11
13
|
//# sourceMappingURL=simulate.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"simulate.d.ts","sourceRoot":"","sources":["../../../src/simulate/simulate.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAA6B,MAAM,6BAA6B,CAAA;AAEzF,OAAO,EAAE,gBAAgB,EAAyB,MAAM,sBAAsB,CAAA;AAY9E,OAAO,EAAE,WAAW,EAAqB,MAAM,kBAAkB,CAAA;AAEjE,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,MAAM,GAAG,SAAS,CAAA;IAC/B,eAAe,EAAE,MAAM,GAAG,SAAS,CAAA;IACnC,MAAM,EAAE,MAAM,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;IAEjB,iBAAiB,EAAE,WAAW,CAAA;CAC/B;AAED,wBAAsB,eAAe,CACnC,iBAAiB,EAAE,iBAAiB,EACpC,aAAa,EAAE,gBAAgB,mEAqFhC;AA0GD,wBAAgB,wBAAwB,CACtC,QAAQ,EAAE,gBAAgB,GAAG,SAAS,GAAG,SAAS,EAClD,MAAM,EAAE,gBAAgB,GACvB,OAAO,CAQT"}
|
|
@@ -1,21 +1,11 @@
|
|
|
1
1
|
import { iamActionDetails, iamActionExists, iamServiceExists } from '@cloud-copilot/iam-data';
|
|
2
2
|
import { runSimulation } from '@cloud-copilot/iam-simulate';
|
|
3
3
|
import { isIamRoleArn, splitArnParts } from '@cloud-copilot/iam-utils';
|
|
4
|
+
import { getAllPoliciesForPrincipal, isServiceLinkedRole } from '../principals.js';
|
|
5
|
+
import { getAccountIdForResource, getRcpsForResource, getResourcePolicyForResource } from '../resources.js';
|
|
6
|
+
import { AssumeRoleActions } from '../utils/sts.js';
|
|
4
7
|
import { createContextKeys } from './contextKeys.js';
|
|
5
|
-
import { getAllPoliciesForPrincipal, isServiceLinkedRole } from './principals.js';
|
|
6
|
-
import { getAccountIdForResource, getRcpsForResource, getResourcePolicyForResource } from './resources.js';
|
|
7
|
-
const assumeRoleActions = new Set([
|
|
8
|
-
'sts:assumerole',
|
|
9
|
-
'sts:assumerolewithwebidentity',
|
|
10
|
-
'sts:assumerolewithsaml'
|
|
11
|
-
]);
|
|
12
8
|
export async function simulateRequest(simulationRequest, collectClient) {
|
|
13
|
-
simulationRequest.resourceAccount =
|
|
14
|
-
simulationRequest.resourceAccount ||
|
|
15
|
-
(await getAccountIdForResource(collectClient, simulationRequest.resourceArn));
|
|
16
|
-
if (!simulationRequest.resourceAccount) {
|
|
17
|
-
throw new Error(`Unable to find account ID for resource ${simulationRequest.resourceArn}`);
|
|
18
|
-
}
|
|
19
9
|
const actionParts = simulationRequest.action.split(':');
|
|
20
10
|
const service = actionParts[0];
|
|
21
11
|
const serviceAction = actionParts[1];
|
|
@@ -25,17 +15,27 @@ export async function simulateRequest(simulationRequest, collectClient) {
|
|
|
25
15
|
throw new Error(`Unable to find action details for ${simulationRequest.action}`);
|
|
26
16
|
}
|
|
27
17
|
const actionDetails = await iamActionDetails(service, serviceAction);
|
|
18
|
+
// If it is a wildcard action, the resource account is always the principal account
|
|
28
19
|
if (actionDetails.isWildcardOnly) {
|
|
29
20
|
simulationRequest.resourceAccount = splitArnParts(simulationRequest.principal).accountId;
|
|
30
21
|
}
|
|
22
|
+
if (!simulationRequest.resourceAccount && !simulationRequest.resourceArn) {
|
|
23
|
+
throw new Error('Non wildcard actions require a resource ARN or resource account to be specified.');
|
|
24
|
+
}
|
|
25
|
+
simulationRequest.resourceAccount =
|
|
26
|
+
simulationRequest.resourceAccount ||
|
|
27
|
+
(await getAccountIdForResource(collectClient, simulationRequest.resourceArn));
|
|
28
|
+
if (!simulationRequest.resourceAccount) {
|
|
29
|
+
throw new Error(`Unable to find account ID for resource ${simulationRequest.resourceArn}`);
|
|
30
|
+
}
|
|
31
31
|
//Lookup the principal policies
|
|
32
32
|
const principalPolicies = await getAllPoliciesForPrincipal(collectClient, simulationRequest.principal);
|
|
33
|
-
const resourcePolicy = await
|
|
34
|
-
const useResourcePolicy =
|
|
35
|
-
|
|
36
|
-
|
|
33
|
+
const { resourcePolicy, resourceRcps } = await getResourcePolicies(collectClient, simulationRequest.resourceArn);
|
|
34
|
+
const useResourcePolicy = simulationRequest.resourceArn &&
|
|
35
|
+
!(isIamRoleArn(simulationRequest.resourceArn) && service.toLowerCase() === 'iam');
|
|
36
|
+
if (AssumeRoleActions.has(simulationRequest.action.toLowerCase()) && !resourcePolicy) {
|
|
37
|
+
throw new Error(`Trust policy not found for resource ${simulationRequest.resourceArn}. sts assume role actions require a trust policy.`);
|
|
37
38
|
}
|
|
38
|
-
const resourceRcps = await getRcpsForResource(collectClient, simulationRequest.resourceArn);
|
|
39
39
|
const context = await createContextKeys(collectClient, simulationRequest, simulationRequest.customContextKeys);
|
|
40
40
|
const applicableScps = isServiceLinkedRole(simulationRequest.principal)
|
|
41
41
|
? []
|
|
@@ -44,7 +44,7 @@ export async function simulateRequest(simulationRequest, collectClient) {
|
|
|
44
44
|
request: {
|
|
45
45
|
action: simulationRequest.action,
|
|
46
46
|
resource: {
|
|
47
|
-
resource: simulationRequest.resourceArn,
|
|
47
|
+
resource: simulationRequest.resourceArn || '*',
|
|
48
48
|
accountId: simulationRequest.resourceAccount
|
|
49
49
|
},
|
|
50
50
|
principal: simulationRequest.principal,
|
|
@@ -52,13 +52,21 @@ export async function simulateRequest(simulationRequest, collectClient) {
|
|
|
52
52
|
},
|
|
53
53
|
identityPolicies: prepareIdentityPolicies(simulationRequest.principal, principalPolicies),
|
|
54
54
|
serviceControlPolicies: applicableScps,
|
|
55
|
-
resourceControlPolicies: rcpsForRequest(simulationRequest.principal, actionDetails.isWildcardOnly, resourceRcps, principalPolicies.
|
|
55
|
+
resourceControlPolicies: rcpsForRequest(simulationRequest.principal, actionDetails.isWildcardOnly, resourceRcps, principalPolicies.rcps),
|
|
56
56
|
resourcePolicy: useResourcePolicy ? resourcePolicy : undefined,
|
|
57
57
|
permissionBoundaryPolicies: preparePermissionBoundary(principalPolicies)
|
|
58
58
|
};
|
|
59
59
|
const result = await runSimulation(simulation, {});
|
|
60
60
|
return result;
|
|
61
61
|
}
|
|
62
|
+
async function getResourcePolicies(collectClient, resourceArn) {
|
|
63
|
+
if (!resourceArn) {
|
|
64
|
+
return { resourcePolicy: undefined, resourceRcps: [] };
|
|
65
|
+
}
|
|
66
|
+
const resourcePolicy = await getResourcePolicyForResource(collectClient, resourceArn);
|
|
67
|
+
const resourceRcps = await getRcpsForResource(collectClient, resourceArn);
|
|
68
|
+
return { resourcePolicy, resourceRcps };
|
|
69
|
+
}
|
|
62
70
|
function rcpsForRequest(principalArn, actionIsWildcard, resourceRcps, principalRcps) {
|
|
63
71
|
if (isServiceLinkedRole(principalArn)) {
|
|
64
72
|
return [];
|
|
@@ -126,4 +134,13 @@ function preparePermissionBoundary(principalPolicies) {
|
|
|
126
134
|
}
|
|
127
135
|
return undefined;
|
|
128
136
|
}
|
|
137
|
+
export function resultMatchesExpectation(expected, result) {
|
|
138
|
+
if (!expected) {
|
|
139
|
+
return true;
|
|
140
|
+
}
|
|
141
|
+
if (expected === 'AnyDeny') {
|
|
142
|
+
return result.includes('Denied');
|
|
143
|
+
}
|
|
144
|
+
return expected === result;
|
|
145
|
+
}
|
|
129
146
|
//# sourceMappingURL=simulate.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"simulate.js","sourceRoot":"","sources":["../../../src/simulate/simulate.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAA;AAC7F,OAAO,EAAoB,aAAa,EAAc,MAAM,6BAA6B,CAAA;AACzF,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAA;AAEtE,OAAO,EACL,0BAA0B,EAC1B,mBAAmB,EAEpB,MAAM,kBAAkB,CAAA;AACzB,OAAO,EACL,uBAAuB,EACvB,kBAAkB,EAClB,4BAA4B,EAC7B,MAAM,iBAAiB,CAAA;AACxB,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAA;AACnD,OAAO,EAAe,iBAAiB,EAAE,MAAM,kBAAkB,CAAA;AAWjE,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,iBAAoC,EACpC,aAA+B;IAE/B,MAAM,WAAW,GAAG,iBAAiB,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACvD,MAAM,OAAO,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;IAC9B,MAAM,aAAa,GAAG,WAAW,CAAC,CAAC,CAAC,CAAA;IACpC,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAA;IACrD,MAAM,YAAY,GAAG,aAAa,IAAI,CAAC,MAAM,eAAe,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC,CAAA;IACrF,IAAI,CAAC,aAAa,IAAI,CAAC,YAAY,EAAE,CAAC;QACpC,MAAM,IAAI,KAAK,CAAC,qCAAqC,iBAAiB,CAAC,MAAM,EAAE,CAAC,CAAA;IAClF,CAAC;IACD,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,aAAa,CAAC,CAAA;IAEpE,mFAAmF;IACnF,IAAI,aAAa,CAAC,cAAc,EAAE,CAAC;QACjC,iBAAiB,CAAC,eAAe,GAAG,aAAa,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC,SAAU,CAAA;IAC3F,CAAC;IAED,IAAI,CAAC,iBAAiB,CAAC,eAAe,IAAI,CAAC,iBAAiB,CAAC,WAAW,EAAE,CAAC;QACzE,MAAM,IAAI,KAAK,CACb,kFAAkF,CACnF,CAAA;IACH,CAAC;IACD,iBAAiB,CAAC,eAAe;QAC/B,iBAAiB,CAAC,eAAe;YACjC,CAAC,MAAM,uBAAuB,CAAC,aAAa,EAAE,iBAAiB,CAAC,WAAY,CAAC,CAAC,CAAA;IAEhF,IAAI,CAAC,iBAAiB,CAAC,eAAe,EAAE,CAAC;QACvC,MAAM,IAAI,KAAK,CAAC,0CAA0C,iBAAiB,CAAC,WAAW,EAAE,CAAC,CAAA;IAC5F,CAAC;IAED,+BAA+B;IAC/B,MAAM,iBAAiB,GAAG,MAAM,0BAA0B,CACxD,aAAa,EACb,iBAAiB,CAAC,SAAS,CAC5B,CAAA;IAED,MAAM,EAAE,cAAc,EAAE,YAAY,EAAE,GAAG,MAAM,mBAAmB,CAChE,aAAa,EACb,iBAAiB,CAAC,WAAW,CAC9B,CAAA;IAED,MAAM,iBAAiB,GACrB,iBAAiB,CAAC,WAAW;QAC7B,CAAC,CAAC,YAAY,CAAC,iBAAiB,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,CAAA;IAEnF,IAAI,iBAAiB,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QACrF,MAAM,IAAI,KAAK,CACb,uCAAuC,iBAAiB,CAAC,WAAW,mDAAmD,CACxH,CAAA;IACH,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,iBAAiB,CACrC,aAAa,EACb,iBAAiB,EACjB,iBAAiB,CAAC,iBAAiB,CACpC,CAAA;IAED,MAAM,cAAc,GAAG,mBAAmB,CAAC,iBAAiB,CAAC,SAAS,CAAC;QACrE,CAAC,CAAC,EAAE;QACJ,CAAC,CAAC,iBAAiB,CAAC,IAAI,CAAA;IAE1B,MAAM,UAAU,GAAe;QAC7B,OAAO,EAAE;YACP,MAAM,EAAE,iBAAiB,CAAC,MAAM;YAChC,QAAQ,EAAE;gBACR,QAAQ,EAAE,iBAAiB,CAAC,WAAW,IAAI,GAAG;gBAC9C,SAAS,EAAE,iBAAiB,CAAC,eAAe;aAC7C;YACD,SAAS,EAAE,iBAAiB,CAAC,SAAS;YACtC,gBAAgB,EAAE,OAAO;SAC1B;QACD,gBAAgB,EAAE,uBAAuB,CAAC,iBAAiB,CAAC,SAAS,EAAE,iBAAiB,CAAC;QACzF,sBAAsB,EAAE,cAAc;QACtC,uBAAuB,EAAE,cAAc,CACrC,iBAAiB,CAAC,SAAS,EAC3B,aAAa,CAAC,cAAc,EAC5B,YAAY,EACZ,iBAAiB,CAAC,IAAI,CACvB;QACD,cAAc,EAAE,iBAAiB,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS;QAC9D,0BAA0B,EAAE,yBAAyB,CAAC,iBAAiB,CAAC;KACzE,CAAA;IACD,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,EAAE,EAAE,CAAC,CAAA;IAElD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,KAAK,UAAU,mBAAmB,CAChC,aAA+B,EAC/B,WAA+B;IAK/B,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,EAAE,cAAc,EAAE,SAAS,EAAE,YAAY,EAAE,EAAE,EAAE,CAAA;IACxD,CAAC;IAED,MAAM,cAAc,GAAG,MAAM,4BAA4B,CAAC,aAAa,EAAE,WAAW,CAAC,CAAA;IACrF,MAAM,YAAY,GAAG,MAAM,kBAAkB,CAAC,aAAa,EAAE,WAAW,CAAC,CAAA;IAEzE,OAAO,EAAE,cAAc,EAAE,YAAY,EAAE,CAAA;AACzC,CAAC;AAED,SAAS,cAAc,CACrB,YAAoB,EACpB,gBAAyB,EACzB,YAAqC,EACrC,aAAsC;IAEtC,IAAI,mBAAmB,CAAC,YAAY,CAAC,EAAE,CAAC;QACtC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,OAAO,GAAG,YAAY,CAAA;IAE1B,IAAI,gBAAgB,EAAE,CAAC;QACrB,OAAO,GAAG,aAAa,CAAA;IACzB,CAAC;IAED,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QACzB,GAAG,CAAC,aAAa,CAAA;QACjB,OAAO;YACL,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,QAAQ,EAAE,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE;gBACvC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAA;YAChE,CAAC,CAAC;SACH,CAAA;IACH,CAAC,CAAC,CAAA;AACJ,CAAC;AAED,SAAS,uBAAuB,CAC9B,YAAoB,EACpB,iBAAoC;IAEpC,iCAAiC;IACjC,MAAM,sBAAsB,GAAkD,EAAE,CAAA;IAChF,iBAAiB,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QACnD,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACxC,sBAAsB,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG;gBACnC,IAAI,EAAE,MAAM,CAAC,GAAG;gBAChB,MAAM,EAAE,MAAM,CAAC,MAAM;aACtB,CAAA;QACH,CAAC;IACH,CAAC,CAAC,CAAA;IACF,iBAAiB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE;QACvD,WAAW,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;YAC7C,IAAI,CAAC,sBAAsB,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxC,sBAAsB,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG;oBACnC,IAAI,EAAE,MAAM,CAAC,GAAG;oBAChB,MAAM,EAAE,MAAM,CAAC,MAAM;iBACtB,CAAA;YACH,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAA;IAE9D,iBAAiB,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QAClD,gBAAgB,CAAC,IAAI,CAAC;YACpB,IAAI,EAAE,GAAG,YAAY,IAAI,MAAM,CAAC,IAAI,EAAE;YACtC,MAAM,EAAE,MAAM,CAAC,MAAM;SACtB,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,iBAAiB,CAAC,aAAa,EAAE,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE;QACvD,WAAW,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;YAC5C,gBAAgB,CAAC,IAAI,CAAC;gBACpB,IAAI,EAAE,GAAG,WAAW,CAAC,KAAK,IAAI,MAAM,CAAC,IAAI,EAAE;gBAC3C,MAAM,EAAE,MAAM,CAAC,MAAM;aACtB,CAAC,CAAA;QACJ,CAAC,CAAC,CAAA;IACJ,CAAC,CAAC,CAAA;IAEF,OAAO,gBAAgB,CAAA;AACzB,CAAC;AAED,SAAS,yBAAyB,CAChC,iBAAoC;IAEpC,IAAI,iBAAiB,CAAC,kBAAkB,EAAE,CAAC;QACzC,OAAO;YACL;gBACE,IAAI,EAAE,iBAAiB,CAAC,kBAAkB,CAAC,GAAG;gBAC9C,MAAM,EAAE,iBAAiB,CAAC,kBAAkB,CAAC,MAAM;aACpD;SACF,CAAA;IACH,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,MAAM,UAAU,wBAAwB,CACtC,QAAkD,EAClD,MAAwB;IAExB,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,IAAI,CAAA;IACb,CAAC;IACD,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC3B,OAAO,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;IAClC,CAAC;IACD,OAAO,QAAQ,KAAK,MAAM,CAAA;AAC5B,CAAC"}
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
import { IamCollectClient } from '../collect/client.js';
|
|
2
|
+
/**
|
|
3
|
+
* Get an IAMCollectClient for a test database
|
|
4
|
+
*
|
|
5
|
+
* @param dataSetId the ID of the test dataset to use
|
|
6
|
+
* @returns IamCollectClient instance configured for the specified dataset
|
|
7
|
+
*/
|
|
8
|
+
export declare function getTestDatasetClient(dataSetId: string): IamCollectClient;
|
|
9
|
+
//# sourceMappingURL=testClient.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"testClient.d.ts","sourceRoot":"","sources":["../../../src/test-datasets/testClient.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAA;AAGvD;;;;;GAKG;AACH,wBAAgB,oBAAoB,CAAC,SAAS,EAAE,MAAM,GAAG,gBAAgB,CAoBxE"}
|