UNPKG

@cloud-copilot/iam-collect

Version:

Collect IAM information from AWS Accounts

github.com/cloud-copilot/iam-collect

cloud-copilot/iam-collect

105 lines 4.05 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.AwsConfigSQSClient = void 0; const client_sqs_1 = require("@aws-sdk/client-sqs"); const AbstractClient_js_1 = require("../../customClients/AbstractClient.js"); const AwsConfigClientContext_js_1 = require("../AwsConfigClientContext.js"); const awsConfigUtils_js_1 = require("../awsConfigUtils.js"); /** * AWS Config-based SQS client implementation */ class AwsConfigSQSClient extends AbstractClient_js_1.AbstractClient { static clientName = client_sqs_1.SQSClient.name; constructor(options, customContext) { super(options, customContext); } /** * Register all SQS command implementations */ registerCommands() { this.registerCommand(AwsConfigGetQueueAttributesCommand); this.registerCommand(AwsConfigListQueueTagsCommand); this.registerCommand(AwsConfigListQueuesCommand); } } exports.AwsConfigSQSClient = AwsConfigSQSClient; /** * Config-based implementation of SQS ListQueuesCommand * * Maps SQS::Queue Config data to SQS ListQueuesCommand output format. * Returns queue URL listing for IAM analysis and resource discovery. */ const AwsConfigListQueuesCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({ command: client_sqs_1.ListQueuesCommand, execute: async (input, context) => { const query = ` SELECT arn, resourceId, resourceName, configuration.QueueUrl, configuration.QueueName, configuration.KmsMasterKeyId, configuration.Policy, tags WHERE resourceType = 'AWS::SQS::Queue' AND awsRegion = '${context.region}' AND accountId = '${context.accountId}' AND ${awsConfigUtils_js_1.resourceStatusWhereClause} `; const results = await (0, awsConfigUtils_js_1.executeConfigQuery)(query, context); const queueUrls = results.map((result) => { const { configItem, configuration, tags } = (0, awsConfigUtils_js_1.parseConfigItem)(result); context.putCache(configItem.resourceId, 'configuration', configuration); context.putCache(configItem.resourceId, 'tags', tags); // Use QueueUrl from config if available, otherwise construct from QueueName return configItem.resourceId; }); return { QueueUrls: queueUrls, NextToken: undefined // Config doesn't provide pagination markers }; } }); /** * Config-based implementation of SQS GetQueueAttributesCommand * * Maps SQS::Queue Config data to SQS GetQueueAttributesCommand output format. * Returns only the attributes used by the sync: KmsMasterKeyId, Policy. */ const AwsConfigGetQueueAttributesCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({ command: client_sqs_1.GetQueueAttributesCommand, execute: async (input, context) => { const queueUrl = input.QueueUrl; const configuration = context.getCache(queueUrl, 'configuration'); // Return only the attributes used by the sync operations const attributes = {}; if (configuration.KmsMasterKeyId) { attributes['KmsMasterKeyId'] = configuration.KmsMasterKeyId; } if (configuration.Policy) { attributes['Policy'] = configuration.Policy; } return { Attributes: attributes }; } }); /** * Config-based implementation of SQS ListQueueTagsCommand * * Maps SQS::Queue Config tag data to SQS ListQueueTagsCommand output format. * Returns queue tags for resource identification and compliance analysis. */ const AwsConfigListQueueTagsCommand = (0, AwsConfigClientContext_js_1.awsConfigCommand)({ command: client_sqs_1.ListQueueTagsCommand, execute: async (input, context) => { const queueUrl = input.QueueUrl; const value = context.getCache(queueUrl, 'tags'); return { Tags: value || {} }; } }); //# sourceMappingURL=AwsConfigSQSClient.js.map