@cloud-copilot/iam-simulate 0.1.4 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cjs/ConditionKeys.d.ts +19 -0
- package/dist/cjs/ConditionKeys.d.ts.map +1 -0
- package/dist/cjs/ConditionKeys.js +27 -0
- package/dist/cjs/ConditionKeys.js.map +1 -0
- package/dist/cjs/SCPAnalysis.d.ts +6 -0
- package/dist/cjs/SCPAnalysis.d.ts.map +1 -0
- package/dist/cjs/SCPAnalysis.js +3 -0
- package/dist/cjs/SCPAnalysis.js.map +1 -0
- package/dist/cjs/context_keys/findContextKeys.d.ts +19 -0
- package/dist/cjs/context_keys/findContextKeys.d.ts.map +1 -0
- package/dist/cjs/context_keys/findContextKeys.js +57 -0
- package/dist/cjs/context_keys/findContextKeys.js.map +1 -0
- package/dist/cjs/core_engine/coreSimulatorEngine.d.ts +39 -0
- package/dist/cjs/core_engine/coreSimulatorEngine.d.ts.map +1 -1
- package/dist/cjs/core_engine/coreSimulatorEngine.js +56 -0
- package/dist/cjs/core_engine/coreSimulatorEngine.js.map +1 -1
- package/dist/cjs/evaluate.d.ts +1 -0
- package/dist/cjs/evaluate.d.ts.map +1 -1
- package/dist/cjs/global_conditions/globalConditionKeys.d.ts +17 -0
- package/dist/cjs/global_conditions/globalConditionKeys.d.ts.map +1 -0
- package/dist/cjs/global_conditions/globalConditionKeys.js +296 -0
- package/dist/cjs/global_conditions/globalConditionKeys.js.map +1 -0
- package/dist/cjs/index.d.ts +3 -0
- package/dist/cjs/index.d.ts.map +1 -1
- package/dist/cjs/index.js +7 -1
- package/dist/cjs/index.js.map +1 -1
- package/dist/cjs/principal/principal.d.ts +9 -1
- package/dist/cjs/principal/principal.d.ts.map +1 -1
- package/dist/cjs/principal/principal.js +17 -0
- package/dist/cjs/principal/principal.js.map +1 -1
- package/dist/cjs/request/requestPrincipal.d.ts.map +1 -1
- package/dist/cjs/request/requestPrincipal.js.map +1 -1
- package/dist/cjs/services/DefaultServiceAuthorizer.d.ts +30 -1
- package/dist/cjs/services/DefaultServiceAuthorizer.d.ts.map +1 -1
- package/dist/cjs/services/DefaultServiceAuthorizer.js +93 -7
- package/dist/cjs/services/DefaultServiceAuthorizer.js.map +1 -1
- package/dist/cjs/services/ServiceAuthorizer.d.ts +3 -0
- package/dist/cjs/services/ServiceAuthorizer.d.ts.map +1 -1
- package/dist/cjs/simulation_engine/contextKeys.d.ts +9 -1
- package/dist/cjs/simulation_engine/contextKeys.d.ts.map +1 -1
- package/dist/cjs/simulation_engine/contextKeys.js +27 -40
- package/dist/cjs/simulation_engine/contextKeys.js.map +1 -1
- package/dist/cjs/simulation_engine/simulation.d.ts +12 -1
- package/dist/cjs/simulation_engine/simulation.d.ts.map +1 -1
- package/dist/cjs/simulation_engine/simulationEngine.d.ts +15 -0
- package/dist/cjs/simulation_engine/simulationEngine.d.ts.map +1 -1
- package/dist/cjs/simulation_engine/simulationEngine.js +133 -12
- package/dist/cjs/simulation_engine/simulationEngine.js.map +1 -1
- package/dist/cjs/simulation_engine/unsafeSimulationEngine.d.ts +1 -1
- package/dist/cjs/simulation_engine/unsafeSimulationEngine.d.ts.map +1 -1
- package/dist/cjs/simulation_engine/unsafeSimulationEngine.js +13 -4
- package/dist/cjs/simulation_engine/unsafeSimulationEngine.js.map +1 -1
- package/dist/cjs/util.d.ts +69 -0
- package/dist/cjs/util.d.ts.map +1 -1
- package/dist/cjs/util.js +166 -0
- package/dist/cjs/util.js.map +1 -1
- package/dist/esm/ConditionKeys.d.ts +19 -0
- package/dist/esm/ConditionKeys.d.ts.map +1 -0
- package/dist/esm/ConditionKeys.js +23 -0
- package/dist/esm/ConditionKeys.js.map +1 -0
- package/dist/esm/SCPAnalysis.d.ts +6 -0
- package/dist/esm/SCPAnalysis.d.ts.map +1 -0
- package/dist/esm/SCPAnalysis.js +2 -0
- package/dist/esm/SCPAnalysis.js.map +1 -0
- package/dist/esm/context_keys/findContextKeys.d.ts +19 -0
- package/dist/esm/context_keys/findContextKeys.d.ts.map +1 -0
- package/dist/esm/context_keys/findContextKeys.js +53 -0
- package/dist/esm/context_keys/findContextKeys.js.map +1 -0
- package/dist/esm/core_engine/coreSimulatorEngine.d.ts +39 -0
- package/dist/esm/core_engine/coreSimulatorEngine.d.ts.map +1 -1
- package/dist/esm/core_engine/coreSimulatorEngine.js +54 -0
- package/dist/esm/core_engine/coreSimulatorEngine.js.map +1 -1
- package/dist/esm/evaluate.d.ts +1 -0
- package/dist/esm/evaluate.d.ts.map +1 -1
- package/dist/esm/global_conditions/globalConditionKeys.d.ts +17 -0
- package/dist/esm/global_conditions/globalConditionKeys.d.ts.map +1 -0
- package/dist/esm/global_conditions/globalConditionKeys.js +290 -0
- package/dist/esm/global_conditions/globalConditionKeys.js.map +1 -0
- package/dist/esm/index.d.ts +3 -0
- package/dist/esm/index.d.ts.map +1 -1
- package/dist/esm/index.js +3 -0
- package/dist/esm/index.js.map +1 -1
- package/dist/esm/principal/principal.d.ts +9 -1
- package/dist/esm/principal/principal.d.ts.map +1 -1
- package/dist/esm/principal/principal.js +16 -0
- package/dist/esm/principal/principal.js.map +1 -1
- package/dist/esm/request/requestPrincipal.d.ts.map +1 -1
- package/dist/esm/request/requestPrincipal.js.map +1 -1
- package/dist/esm/services/DefaultServiceAuthorizer.d.ts +30 -1
- package/dist/esm/services/DefaultServiceAuthorizer.d.ts.map +1 -1
- package/dist/esm/services/DefaultServiceAuthorizer.js +93 -7
- package/dist/esm/services/DefaultServiceAuthorizer.js.map +1 -1
- package/dist/esm/services/ServiceAuthorizer.d.ts +3 -0
- package/dist/esm/services/ServiceAuthorizer.d.ts.map +1 -1
- package/dist/esm/simulation_engine/contextKeys.d.ts +9 -1
- package/dist/esm/simulation_engine/contextKeys.d.ts.map +1 -1
- package/dist/esm/simulation_engine/contextKeys.js +28 -40
- package/dist/esm/simulation_engine/contextKeys.js.map +1 -1
- package/dist/esm/simulation_engine/simulation.d.ts +12 -1
- package/dist/esm/simulation_engine/simulation.d.ts.map +1 -1
- package/dist/esm/simulation_engine/simulationEngine.d.ts +15 -0
- package/dist/esm/simulation_engine/simulationEngine.d.ts.map +1 -1
- package/dist/esm/simulation_engine/simulationEngine.js +133 -13
- package/dist/esm/simulation_engine/simulationEngine.js.map +1 -1
- package/dist/esm/simulation_engine/unsafeSimulationEngine.d.ts +1 -1
- package/dist/esm/simulation_engine/unsafeSimulationEngine.d.ts.map +1 -1
- package/dist/esm/simulation_engine/unsafeSimulationEngine.js +13 -4
- package/dist/esm/simulation_engine/unsafeSimulationEngine.js.map +1 -1
- package/dist/esm/util.d.ts +69 -0
- package/dist/esm/util.d.ts.map +1 -1
- package/dist/esm/util.js +158 -0
- package/dist/esm/util.js.map +1 -1
- package/package.json +2 -2
|
@@ -3,7 +3,7 @@ import { authorize } from "../core_engine/coreSimulatorEngine.js";
|
|
|
3
3
|
import { AwsRequestImpl } from "../request/request.js";
|
|
4
4
|
import { RequestContextImpl } from "../requestContext.js";
|
|
5
5
|
/**
|
|
6
|
-
* Runs a simulation without input validation or context
|
|
6
|
+
* Runs a simulation without input validation or context variable verification.
|
|
7
7
|
* Use this if you know what you're doing.
|
|
8
8
|
*
|
|
9
9
|
* @param simulation The simulation to run.
|
|
@@ -11,8 +11,15 @@ import { RequestContextImpl } from "../requestContext.js";
|
|
|
11
11
|
* @returns The result of the simulation.
|
|
12
12
|
*/
|
|
13
13
|
export function runUnsafeSimulation(simulation, simulationOptions) {
|
|
14
|
-
|
|
15
|
-
const
|
|
14
|
+
const identityPolicies = Object.values(simulation.identityPolicies).map(p => loadPolicy(p.policy));
|
|
15
|
+
const serviceControlPolicies = simulation.serviceControlPolicies.map((scp) => {
|
|
16
|
+
const ouId = scp.orgIdentifier;
|
|
17
|
+
const policies = scp.policies.map(val => loadPolicy(val.policy));
|
|
18
|
+
return {
|
|
19
|
+
orgIdentifier: ouId,
|
|
20
|
+
policies: policies
|
|
21
|
+
};
|
|
22
|
+
});
|
|
16
23
|
const requestContext = new RequestContextImpl(simulation.request.contextVariables);
|
|
17
24
|
const request = new AwsRequestImpl(simulation.request.principal, {
|
|
18
25
|
resource: simulation.request.resource.resource,
|
|
@@ -20,7 +27,9 @@ export function runUnsafeSimulation(simulation, simulationOptions) {
|
|
|
20
27
|
}, simulation.request.action, requestContext);
|
|
21
28
|
return authorize({
|
|
22
29
|
request,
|
|
23
|
-
identityPolicies
|
|
30
|
+
identityPolicies,
|
|
31
|
+
serviceControlPolicies,
|
|
32
|
+
resourcePolicy: simulation.resourcePolicy ? loadPolicy(simulation.resourcePolicy) : undefined
|
|
24
33
|
});
|
|
25
34
|
}
|
|
26
35
|
//# sourceMappingURL=unsafeSimulationEngine.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"unsafeSimulationEngine.js","sourceRoot":"","sources":["../../../src/simulation_engine/unsafeSimulationEngine.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,SAAS,
|
|
1
|
+
{"version":3,"file":"unsafeSimulationEngine.js","sourceRoot":"","sources":["../../../src/simulation_engine/unsafeSimulationEngine.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,2BAA2B,CAAC;AACvD,OAAO,EAAE,SAAS,EAA0B,MAAM,uCAAuC,CAAC;AAE1F,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AACvD,OAAO,EAAE,kBAAkB,EAAE,MAAM,sBAAsB,CAAC;AAI1D;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CAAC,UAAsB,EAAE,iBAA6C;IACvG,MAAM,gBAAgB,GAAG,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,gBAAgB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;IACnG,MAAM,sBAAsB,GAA6B,UAAU,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QACrG,MAAM,IAAI,GAAG,GAAG,CAAC,aAAa,CAAC;QAC/B,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;QAEjE,OAAO;YACL,aAAa,EAAE,IAAI;YACnB,QAAQ,EAAE,QAAQ;SACnB,CAAA;IACH,CAAC,CAAC,CAAA;IACF,MAAM,cAAc,GAAG,IAAI,kBAAkB,CAAC,UAAU,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAA;IAClF,MAAM,OAAO,GAAG,IAAI,cAAc,CAAC,UAAU,CAAC,OAAO,CAAC,SAAS,EAAE;QAC/D,QAAQ,EAAE,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ;QAC9C,SAAS,EAAE,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS;KACjD,EAAE,UAAU,CAAC,OAAO,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;IAE9C,OAAO,SAAS,CAAC;QACf,OAAO;QACP,gBAAgB;QAChB,sBAAsB;QACtB,cAAc,EAAE,UAAU,CAAC,cAAc,CAAC,CAAC,CAAC,UAAU,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,SAAS;KAC9F,CAAC,CAAC;AACL,CAAC"}
|
package/dist/esm/util.d.ts
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
import { ResourceType } from '@cloud-copilot/iam-data';
|
|
2
|
+
import { ConditionKeyType } from './ConditionKeys.js';
|
|
1
3
|
import { AwsRequest } from './request/request.js';
|
|
2
4
|
interface StringReplaceOptions {
|
|
3
5
|
replaceWildcards: boolean;
|
|
@@ -20,6 +22,12 @@ export interface ArnParts {
|
|
|
20
22
|
resourceType: string | undefined;
|
|
21
23
|
resourcePath: string | undefined;
|
|
22
24
|
}
|
|
25
|
+
/**
|
|
26
|
+
* Split an ARN into its parts
|
|
27
|
+
*
|
|
28
|
+
* @param arn the arn to split
|
|
29
|
+
* @returns the parts of the ARN
|
|
30
|
+
*/
|
|
23
31
|
export declare function splitArnParts(arn: string): ArnParts;
|
|
24
32
|
/**
|
|
25
33
|
* Splits a resource into two segments. The first segment is the product segment and the second segment is the resource id segment.
|
|
@@ -43,5 +51,66 @@ export declare function isDefined<T>(value: T | undefined): value is T;
|
|
|
43
51
|
* @returns if the value is not defined or null
|
|
44
52
|
*/
|
|
45
53
|
export declare function isNotDefined<T>(value: T | undefined): value is undefined;
|
|
54
|
+
/**
|
|
55
|
+
* Checks if an action is a wildcard only action
|
|
56
|
+
*
|
|
57
|
+
* @param service the service the action belongs to
|
|
58
|
+
* @param action the action to check if it is a wildcard only action
|
|
59
|
+
* @returns if the action is a wildcard only action
|
|
60
|
+
* @throws an error if the service or action does not exist
|
|
61
|
+
*/
|
|
62
|
+
export declare function isWildcardOnlyAction(service: string, action: string): Promise<boolean>;
|
|
63
|
+
/**
|
|
64
|
+
* Get the the possible reource types for an action and resource
|
|
65
|
+
*
|
|
66
|
+
* @param service the service the action belongs to
|
|
67
|
+
* @param action the action to get the resource type for
|
|
68
|
+
* @param resource the resource type matching the action, if any
|
|
69
|
+
* @throws an error if the service or action does not exist, or if the action is a wildcard only action
|
|
70
|
+
*/
|
|
71
|
+
export declare function getResourceTypesForAction(service: string, action: string, resource: string): Promise<ResourceType[]>;
|
|
72
|
+
/**
|
|
73
|
+
* Convert a resource pattern from iam-data to a regex pattern
|
|
74
|
+
*
|
|
75
|
+
* @param pattern the pattern to convert to a regex
|
|
76
|
+
* @returns the regex pattern
|
|
77
|
+
*/
|
|
78
|
+
export declare function convertResourcePatternToRegex(pattern: string): string;
|
|
79
|
+
/**
|
|
80
|
+
* Lowercase all strings in an array
|
|
81
|
+
*
|
|
82
|
+
* @param strings the strings to lowercase
|
|
83
|
+
* @returns the lowercased strings
|
|
84
|
+
*/
|
|
85
|
+
export declare function lowerCaseAll(strings: string[]): string[];
|
|
86
|
+
/**
|
|
87
|
+
* Check the capitalization of a context key and return the correct capitalization
|
|
88
|
+
*
|
|
89
|
+
* @param contextKey the condition key to check
|
|
90
|
+
* @returns if the condition key is an array type
|
|
91
|
+
*/
|
|
92
|
+
export declare function normalizeContextKeyCase(contextKey: string): Promise<string>;
|
|
93
|
+
/**
|
|
94
|
+
* Get the type of a context key
|
|
95
|
+
*
|
|
96
|
+
* @param contextKey - The string condition key to get the type for
|
|
97
|
+
* @returns The type of the condition key
|
|
98
|
+
* @throws an error if the condition key is not found
|
|
99
|
+
*/
|
|
100
|
+
export declare function typeForContextKey(contextKey: string): Promise<ConditionKeyType>;
|
|
101
|
+
/**
|
|
102
|
+
* Gets the IAM variables from a string
|
|
103
|
+
*
|
|
104
|
+
* @param value the string to get the variables from
|
|
105
|
+
* @returns the variables in the string, if any
|
|
106
|
+
*/
|
|
107
|
+
export declare function getVariablesFromString(value: string): string[];
|
|
108
|
+
/**
|
|
109
|
+
* Check if a context key actually exists
|
|
110
|
+
*
|
|
111
|
+
* @param key The context key to check
|
|
112
|
+
* @returns true if the context key is valid, false otherwise
|
|
113
|
+
*/
|
|
114
|
+
export declare function isActualContextKey(key: string): Promise<boolean>;
|
|
46
115
|
export {};
|
|
47
116
|
//# sourceMappingURL=util.d.ts.map
|
package/dist/esm/util.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../src/util.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AAIjD,UAAU,oBAAoB;IAC5B,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAMD;;;;;;;GAOG;AACH,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,oBAAoB,CAAC,GAAG,MAAM,CA4DlI;
|
|
1
|
+
{"version":3,"file":"util.d.ts","sourceRoot":"","sources":["../../src/util.ts"],"names":[],"mappings":"AAAA,OAAO,EAA6G,YAAY,EAAE,MAAM,yBAAyB,CAAA;AACjK,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAA;AAErD,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAA;AAIjD,UAAU,oBAAoB;IAC5B,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAMD;;;;;;;GAOG;AACH,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,oBAAoB,CAAC,GAAG,MAAM,CA4DlI;AA8CD,MAAM,WAAW,QAAQ;IACvB,SAAS,EAAE,MAAM,GAAG,SAAS,CAAA;IAC7B,OAAO,EAAE,MAAM,GAAG,SAAS,CAAA;IAC3B,MAAM,EAAE,MAAM,GAAG,SAAS,CAAA;IAC1B,SAAS,EAAE,MAAM,GAAG,SAAS,CAAA;IAC7B,QAAQ,EAAE,MAAM,GAAG,SAAS,CAAA;IAC5B,YAAY,EAAE,MAAM,GAAG,SAAS,CAAA;IAChC,YAAY,EAAE,MAAM,GAAG,SAAS,CAAA;CACjC;AAED;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,QAAQ,CAyBnD;AAED;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAgBtE;AAED;;;;;GAKG;AACH,wBAAgB,SAAS,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,SAAS,GAAG,KAAK,IAAI,CAAC,CAE7D;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,SAAS,GAAG,KAAK,IAAI,SAAS,CAExE;AAED;;;;;;;GAOG;AACH,wBAAsB,oBAAoB,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAG5F;AAED;;;;;;;GAOG;AACH,wBAAsB,yBAAyB,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,EAAE,CAAC,CAiB1H;AAED;;;;;GAKG;AACH,wBAAgB,6BAA6B,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAOrE;AAED;;;;;GAKG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAExD;AAED;;;;;GAKG;AACH,wBAAsB,uBAAuB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAgBjF;AAED;;;;;;GAMG;AACH,wBAAsB,iBAAiB,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAarF;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,EAAE,CAY9D;AAED;;;;;GAKG;AACH,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAiBtE"}
|
package/dist/esm/util.js
CHANGED
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
import { iamActionDetails, iamConditionKeyDetails, iamConditionKeyExists, iamResourceTypeDetails, iamServiceExists } from '@cloud-copilot/iam-data';
|
|
2
|
+
import { getGlobalConditionKey, globalConditionKeyExists } from './global_conditions/globalConditionKeys.js';
|
|
1
3
|
const matchesNothing = new RegExp('a^');
|
|
2
4
|
const defaultStringReplaceOptions = {
|
|
3
5
|
replaceWildcards: true
|
|
@@ -97,12 +99,26 @@ function getContextSingleValue(request, contextKeyName) {
|
|
|
97
99
|
}
|
|
98
100
|
return undefined;
|
|
99
101
|
}
|
|
102
|
+
/**
|
|
103
|
+
* Get the replacement value for a string
|
|
104
|
+
*
|
|
105
|
+
* @param rawString the string to replace the value in
|
|
106
|
+
* @param wildcard the value to replace the wildcard with
|
|
107
|
+
* @param replaceWildcards if the wildcard or raw string should be used
|
|
108
|
+
* @returns
|
|
109
|
+
*/
|
|
100
110
|
function replacementValue(rawString, wildcard, replaceWildcards) {
|
|
101
111
|
if (replaceWildcards) {
|
|
102
112
|
return wildcard;
|
|
103
113
|
}
|
|
104
114
|
return rawString;
|
|
105
115
|
}
|
|
116
|
+
/**
|
|
117
|
+
* Split an ARN into its parts
|
|
118
|
+
*
|
|
119
|
+
* @param arn the arn to split
|
|
120
|
+
* @returns the parts of the ARN
|
|
121
|
+
*/
|
|
106
122
|
export function splitArnParts(arn) {
|
|
107
123
|
const parts = arn.split(':');
|
|
108
124
|
const partition = parts.at(1);
|
|
@@ -170,4 +186,146 @@ export function isDefined(value) {
|
|
|
170
186
|
export function isNotDefined(value) {
|
|
171
187
|
return !isDefined(value);
|
|
172
188
|
}
|
|
189
|
+
/**
|
|
190
|
+
* Checks if an action is a wildcard only action
|
|
191
|
+
*
|
|
192
|
+
* @param service the service the action belongs to
|
|
193
|
+
* @param action the action to check if it is a wildcard only action
|
|
194
|
+
* @returns if the action is a wildcard only action
|
|
195
|
+
* @throws an error if the service or action does not exist
|
|
196
|
+
*/
|
|
197
|
+
export async function isWildcardOnlyAction(service, action) {
|
|
198
|
+
const actionDetails = await iamActionDetails(service, action);
|
|
199
|
+
return actionDetails.resourceTypes.length === 0;
|
|
200
|
+
}
|
|
201
|
+
/**
|
|
202
|
+
* Get the the possible reource types for an action and resource
|
|
203
|
+
*
|
|
204
|
+
* @param service the service the action belongs to
|
|
205
|
+
* @param action the action to get the resource type for
|
|
206
|
+
* @param resource the resource type matching the action, if any
|
|
207
|
+
* @throws an error if the service or action does not exist, or if the action is a wildcard only action
|
|
208
|
+
*/
|
|
209
|
+
export async function getResourceTypesForAction(service, action, resource) {
|
|
210
|
+
const actionDetails = await iamActionDetails(service, action);
|
|
211
|
+
if (actionDetails.resourceTypes.length === 0) {
|
|
212
|
+
throw new Error(`${service}:${action} does not have any resource types`);
|
|
213
|
+
}
|
|
214
|
+
const matchingResourceTypes = [];
|
|
215
|
+
for (const rt of actionDetails.resourceTypes) {
|
|
216
|
+
const resourceType = await iamResourceTypeDetails(service, rt.name);
|
|
217
|
+
const pattern = convertResourcePatternToRegex(resourceType.arn);
|
|
218
|
+
const match = resource.match(new RegExp(pattern));
|
|
219
|
+
if (match) {
|
|
220
|
+
matchingResourceTypes.push(resourceType);
|
|
221
|
+
}
|
|
222
|
+
}
|
|
223
|
+
return matchingResourceTypes;
|
|
224
|
+
}
|
|
225
|
+
/**
|
|
226
|
+
* Convert a resource pattern from iam-data to a regex pattern
|
|
227
|
+
*
|
|
228
|
+
* @param pattern the pattern to convert to a regex
|
|
229
|
+
* @returns the regex pattern
|
|
230
|
+
*/
|
|
231
|
+
export function convertResourcePatternToRegex(pattern) {
|
|
232
|
+
const regex = pattern.replace(/\$\{.*?\}/g, (match) => {
|
|
233
|
+
const name = match.substring(2, match.length - 1);
|
|
234
|
+
const camelName = name.at(0)?.toLowerCase() + name.substring(1);
|
|
235
|
+
return `(?<${camelName}>(.*?))`;
|
|
236
|
+
});
|
|
237
|
+
return `^${regex}$`;
|
|
238
|
+
}
|
|
239
|
+
/**
|
|
240
|
+
* Lowercase all strings in an array
|
|
241
|
+
*
|
|
242
|
+
* @param strings the strings to lowercase
|
|
243
|
+
* @returns the lowercased strings
|
|
244
|
+
*/
|
|
245
|
+
export function lowerCaseAll(strings) {
|
|
246
|
+
return strings.map(s => s.toLowerCase());
|
|
247
|
+
}
|
|
248
|
+
/**
|
|
249
|
+
* Check the capitalization of a context key and return the correct capitalization
|
|
250
|
+
*
|
|
251
|
+
* @param contextKey the condition key to check
|
|
252
|
+
* @returns if the condition key is an array type
|
|
253
|
+
*/
|
|
254
|
+
export async function normalizeContextKeyCase(contextKey) {
|
|
255
|
+
const [service, key] = contextKey.split(":");
|
|
256
|
+
const serviceExists = await iamServiceExists(service);
|
|
257
|
+
if (serviceExists) {
|
|
258
|
+
const serviceKeyExists = await iamConditionKeyExists(service, contextKey);
|
|
259
|
+
if (serviceKeyExists) {
|
|
260
|
+
const keyDetails = await iamConditionKeyDetails(service, contextKey);
|
|
261
|
+
return keyDetails.key;
|
|
262
|
+
}
|
|
263
|
+
}
|
|
264
|
+
const globalConditionKey = getGlobalConditionKey(contextKey);
|
|
265
|
+
if (globalConditionKey) {
|
|
266
|
+
return globalConditionKey.key;
|
|
267
|
+
}
|
|
268
|
+
throw new Error(`Context key ${contextKey} not found`);
|
|
269
|
+
}
|
|
270
|
+
/**
|
|
271
|
+
* Get the type of a context key
|
|
272
|
+
*
|
|
273
|
+
* @param contextKey - The string condition key to get the type for
|
|
274
|
+
* @returns The type of the condition key
|
|
275
|
+
* @throws an error if the condition key is not found
|
|
276
|
+
*/
|
|
277
|
+
export async function typeForContextKey(contextKey) {
|
|
278
|
+
const [service, key] = contextKey.split(":");
|
|
279
|
+
const serviceKeyExists = await iamConditionKeyExists(service, contextKey);
|
|
280
|
+
if (serviceKeyExists) {
|
|
281
|
+
const keyDetails = await iamConditionKeyDetails(service, contextKey);
|
|
282
|
+
return keyDetails.type;
|
|
283
|
+
}
|
|
284
|
+
const globalConditionKey = getGlobalConditionKey(contextKey);
|
|
285
|
+
if (globalConditionKey) {
|
|
286
|
+
return globalConditionKey.dataType;
|
|
287
|
+
}
|
|
288
|
+
throw new Error(`Condition key ${contextKey} not found`);
|
|
289
|
+
}
|
|
290
|
+
/**
|
|
291
|
+
* Gets the IAM variables from a string
|
|
292
|
+
*
|
|
293
|
+
* @param value the string to get the variables from
|
|
294
|
+
* @returns the variables in the string, if any
|
|
295
|
+
*/
|
|
296
|
+
export function getVariablesFromString(value) {
|
|
297
|
+
const matches = value.match(/\$\{.*?\}/g);
|
|
298
|
+
if (matches) {
|
|
299
|
+
return matches.map((m) => {
|
|
300
|
+
const inBrackets = m.slice(2, -1);
|
|
301
|
+
if (inBrackets.includes(',')) {
|
|
302
|
+
return inBrackets.split(',')[0].trim();
|
|
303
|
+
}
|
|
304
|
+
return inBrackets;
|
|
305
|
+
});
|
|
306
|
+
}
|
|
307
|
+
return [];
|
|
308
|
+
}
|
|
309
|
+
/**
|
|
310
|
+
* Check if a context key actually exists
|
|
311
|
+
*
|
|
312
|
+
* @param key The context key to check
|
|
313
|
+
* @returns true if the context key is valid, false otherwise
|
|
314
|
+
*/
|
|
315
|
+
export async function isActualContextKey(key) {
|
|
316
|
+
if (globalConditionKeyExists(key)) {
|
|
317
|
+
return true;
|
|
318
|
+
}
|
|
319
|
+
const parts = key.split(":");
|
|
320
|
+
if (parts.length !== 2) {
|
|
321
|
+
return false;
|
|
322
|
+
}
|
|
323
|
+
const [service, action] = parts;
|
|
324
|
+
const serviceExists = await iamServiceExists(service);
|
|
325
|
+
if (!serviceExists) {
|
|
326
|
+
return false;
|
|
327
|
+
}
|
|
328
|
+
const actionExists = await iamConditionKeyExists(service, key);
|
|
329
|
+
return actionExists;
|
|
330
|
+
}
|
|
173
331
|
//# sourceMappingURL=util.js.map
|
package/dist/esm/util.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"util.js","sourceRoot":"","sources":["../../src/util.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"util.js","sourceRoot":"","sources":["../../src/util.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,sBAAsB,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,gBAAgB,EAAgB,MAAM,yBAAyB,CAAA;AAEjK,OAAO,EAAE,qBAAqB,EAAE,wBAAwB,EAAE,MAAM,4CAA4C,CAAA;AAG5G,MAAM,cAAc,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,CAAA;AAMvC,MAAM,2BAA2B,GAAyB;IACxD,gBAAgB,EAAE,IAAI;CACvB,CAAA;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,uBAAuB,CAAC,KAAa,EAAE,OAAmB,EAAE,cAA8C;IACxH,MAAM,OAAO,GAAG,EAAC,GAAG,2BAA2B,EAAE,GAAG,cAAc,EAAC,CAAA;IAEnE,IAAI,oBAAoB,GAAG,KAAK,CAAA;IAChC,MAAM,QAAQ,GAAG,KAAK,CAAC,UAAU,CAAC,yBAAyB,EAAE,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;QAC3E,IAAI,KAAK,IAAI,GAAG,EAAE,CAAC;YACjB,OAAO,gBAAgB,CAAC,KAAK,EAAE,GAAG,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YAC7D,aAAa;QACf,CAAC;aAAM,IAAI,KAAK,IAAI,GAAG,EAAE,CAAC;YACxB,OAAO,gBAAgB,CAAC,KAAK,EAAE,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YAC/D,eAAe;QACjB,CAAC;aAAM,IAAI,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,gBAAgB,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YACxE,eAAe;QACjB,CAAC;aAAM,IAAI,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,gBAAgB,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YACxE,eAAe;QACjB,CAAC;aAAM,IAAI,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,gBAAgB,CAAC,cAAc,EAAE,KAAK,EAAE,OAAO,CAAC,gBAAgB,CAAC,CAAA;YACxE,eAAe;QACjB,CAAC;QACD,EAAE;QACF,4BAA4B;QAC5B,MAAM,aAAa,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;QAExC,IAAI,YAAY,GAAG,SAAS,CAAA;QAC5B,MAAM,YAAY,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QAC9C,IAAG,YAAY,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YAC5B,MAAM,iBAAiB,GAAG,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAC5C,IAAG,iBAAiB,EAAE,UAAU,CAAC,GAAG,CAAC,IAAI,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACzE,YAAY,GAAG,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YAC/C,CAAC;QACH,CAAC;QACD,MAAM,YAAY,GAAG,YAAY,CAAC,EAAE,CAAC,CAAC,CAAE,CAAC,IAAI,EAAE,CAAA;QAE/C,MAAM,YAAY,GAAG,qBAAqB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAA;QAEjE,IAAG,YAAY,EAAE,CAAC;YAChB,OAAO,qBAAqB,CAAC,YAAY,CAAC,CAAA;QAC5C,CAAC;aAAM,IAAG,YAAY,EAAE,CAAC;YACvB;;;cAGE;YACF,OAAO,qBAAqB,CAAC,YAAY,CAAC,CAAA;QAC5C,CAAC;aAAM,CAAC;YACN,oBAAoB,GAAG,IAAI,CAAA;YAC3B;;cAEE;YACF,OAAO,gBAAgB,CAAA;QACzB,CAAC;QAED,MAAM,IAAI,KAAK,CAAC,0BAA0B,CAAC,CAAA;IAC7C,CAAC,CAAC,CAAA;IAEF,IAAG,oBAAoB,EAAE,CAAC;QACxB,OAAO,cAAc,CAAA;IACvB,CAAC;IACD,OAAO,IAAI,MAAM,CAAC,GAAG,GAAG,QAAQ,GAAG,GAAG,CAAC,CAAA;AACzC,CAAC;AAED;;;;;GAKG;AACH,SAAS,qBAAqB,CAAC,GAAW;IACxC,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;AACpD,CAAC;AAED;;;;;;GAMG;AACH,SAAS,qBAAqB,CAAC,OAAmB,EAAE,cAAsB;IACxE,IAAG,CAAC,OAAO,CAAC,gBAAgB,CAAC,cAAc,CAAC,EAAE,CAAC;QAC7C,OAAO,SAAS,CAAA;IAClB,CAAC;IACD,MAAM,QAAQ,GAAG,OAAO,CAAC,kBAAkB,CAAC,cAAc,CAAC,CAAA;IAC3D,IAAG,QAAQ,CAAC,aAAa,EAAE,EAAE,CAAC;QAC5B,OAAO,QAAQ,CAAC,KAAK,CAAA;IACvB,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,gBAAgB,CAAC,SAAiB,EAAE,QAAgB,EAAE,gBAAyB;IACtF,IAAG,gBAAgB,EAAE,CAAC;QACpB,OAAO,QAAQ,CAAA;IACjB,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAYD;;;;;GAKG;AACH,MAAM,UAAU,aAAa,CAAC,GAAW;IACvC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC5B,MAAM,SAAS,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAC7B,MAAM,OAAO,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAC3B,MAAM,MAAM,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAC1B,MAAM,SAAS,GAAG,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IAC7B,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAEzC,IAAI,YAAY,GAAG,SAAS,CAAA;IAC5B,IAAI,YAAY,GAAG,SAAS,CAAA;IAC5B,IAAG,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,IAAI,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACtD,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,CAAC,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAA;QAChF,YAAY,GAAG,mBAAmB,CAAA;QAClC,YAAY,GAAG,mBAAmB,CAAA;IACpC,CAAC;IAED,OAAO;QACL,SAAS;QACT,OAAO;QACP,MAAM;QACN,SAAS;QACT,QAAQ;QACR,YAAY;QACZ,YAAY;KACb,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CAAC,QAAgB;IAClD,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IACxC,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAA;IAExC,IAAI,UAAU,GAAG,UAAU,CAAA;IAC3B,IAAG,UAAU,IAAI,CAAC,CAAC,IAAI,UAAU,IAAI,CAAC,CAAC,EAAE,CAAC;QACxC,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,UAAU,CAAC,GAAG,CAAC,CAAA;IACnD,CAAC;SAAM,IAAI,UAAU,IAAI,CAAC,CAAC,EAAE,CAAC;QAC5B,UAAU,GAAG,UAAU,GAAG,CAAC,CAAA;IAC7B,CAAC;SAAM,IAAI,UAAU,IAAI,CAAC,CAAC,EAAE,CAAC;QAC5B,UAAU,GAAG,UAAU,GAAG,CAAC,CAAA;IAC7B,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,4BAA4B,QAAQ,EAAE,CAAC,CAAA;IACzD,CAAC;IAED,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,EAAE,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAA;AACpE,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,SAAS,CAAI,KAAoB;IAC/C,OAAO,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,CAAC;AAC/C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,YAAY,CAAI,KAAoB;IAClD,OAAO,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;AAC1B,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,OAAe,EAAE,MAAc;IACxE,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IAC7D,OAAO,aAAa,CAAC,aAAa,CAAC,MAAM,KAAK,CAAC,CAAA;AACjD,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,yBAAyB,CAAC,OAAe,EAAE,MAAc,EAAE,QAAgB;IAC/F,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IAC7D,IAAG,aAAa,CAAC,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CAAC,GAAG,OAAO,IAAI,MAAM,mCAAmC,CAAC,CAAA;IAC1E,CAAC;IAED,MAAM,qBAAqB,GAAmB,EAAE,CAAC;IACjD,KAAI,MAAM,EAAE,IAAI,aAAa,CAAC,aAAa,EAAE,CAAC;QAC5C,MAAM,YAAY,GAAG,MAAM,sBAAsB,CAAC,OAAO,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;QACpE,MAAM,OAAO,GAAG,6BAA6B,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC;QAChE,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;QAClD,IAAG,KAAK,EAAE,CAAC;YACT,qBAAqB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,OAAO,qBAAqB,CAAA;AAC9B,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,6BAA6B,CAAC,OAAe;IAC3D,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,YAAY,EAAE,CAAC,KAAK,EAAE,EAAE;QACpD,MAAM,IAAI,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QACjD,MAAM,SAAS,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAA;QAC/D,OAAO,MAAM,SAAS,SAAS,CAAA;IACjC,CAAC,CAAC,CAAA;IACF,OAAO,IAAI,KAAK,GAAG,CAAA;AACrB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,YAAY,CAAC,OAAiB;IAC5C,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAA;AAC1C,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,UAAkB;IAC9D,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;IACtD,IAAG,aAAa,EAAE,CAAC;QACjB,MAAM,gBAAgB,GAAG,MAAM,qBAAqB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAC1E,IAAG,gBAAgB,EAAE,CAAC;YACpB,MAAM,UAAU,GAAG,MAAM,sBAAsB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;YACrE,OAAO,UAAU,CAAC,GAAG,CAAC;QACxB,CAAC;IACH,CAAC;IACD,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,UAAU,CAAC,CAAC;IAC7D,IAAG,kBAAkB,EAAE,CAAC;QACtB,OAAO,kBAAkB,CAAC,GAAG,CAAC;IAChC,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,eAAe,UAAU,YAAY,CAAC,CAAC;AACzD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,UAAkB;IACxD,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,gBAAgB,GAAG,MAAM,qBAAqB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;IAC1E,IAAG,gBAAgB,EAAE,CAAC;QACpB,MAAM,UAAU,GAAG,MAAM,sBAAsB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QACrE,OAAO,UAAU,CAAC,IAAwB,CAAC;IAC7C,CAAC;IACD,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,UAAU,CAAC,CAAC;IAC7D,IAAG,kBAAkB,EAAE,CAAC;QACtB,OAAO,kBAAkB,CAAC,QAA4B,CAAC;IACzD,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,iBAAiB,UAAU,YAAY,CAAC,CAAC;AAC3D,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,sBAAsB,CAAC,KAAa;IAClD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;IACzC,IAAG,OAAO,EAAE,CAAC;QACX,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACvB,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;YACjC,IAAG,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC5B,OAAO,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAA;YACxC,CAAC;YACD,OAAO,UAAU,CAAA;QACnB,CAAC,CAAC,CAAA;IACJ,CAAC;IACD,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,GAAW;IAClD,IAAG,wBAAwB,CAAC,GAAG,CAAC,EAAE,CAAC;QACjC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAG,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,CAAC,OAAO,EAAE,MAAM,CAAC,GAAG,KAAK,CAAC;IAChC,MAAM,aAAa,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAEtD,IAAG,CAAC,aAAa,EAAE,CAAC;QAClB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,qBAAqB,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAC/D,OAAO,YAAY,CAAC;AACtB,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@cloud-copilot/iam-simulate",
|
|
3
|
-
"version": "0.1.
|
|
3
|
+
"version": "0.1.6",
|
|
4
4
|
"description": "Simulate evaluation of AWS IAM policies",
|
|
5
5
|
"repository": {
|
|
6
6
|
"type": "git",
|
|
@@ -40,6 +40,6 @@
|
|
|
40
40
|
},
|
|
41
41
|
"dependencies": {
|
|
42
42
|
"@cloud-copilot/iam-data": ">=0.8.0 <1.0.0",
|
|
43
|
-
"@cloud-copilot/iam-policy": "0.
|
|
43
|
+
"@cloud-copilot/iam-policy": "^0.1.1"
|
|
44
44
|
}
|
|
45
45
|
}
|