UNPKG

@cloud-copilot/iam-collect

Version:

Collect IAM information from AWS Accounts

github.com/cloud-copilot/iam-collect

cloud-copilot/iam-collect

111 lines 4.08 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
import { GetTopicAttributesCommand, ListTagsForResourceCommand, ListTopicsCommand, SNSClient } from '@aws-sdk/client-sns'; import {} from '../../aws/coreAuth.js'; import { AbstractClient } from '../../customClients/AbstractClient.js'; import { awsConfigCommand } from '../AwsConfigClientContext.js'; import { executeConfigQuery, parseConfigItem, resourceStatusWhereClause } from '../awsConfigUtils.js'; /** * AWS Config-based SNS client implementation */ export class AwsConfigSNSClient extends AbstractClient { constructor(options, customContext) { super(options, customContext); } /** * Register all SNS command implementations */ registerCommands() { this.registerCommand(AwsConfigGetTopicAttributesCommand); this.registerCommand(AwsConfigListTagsForResourceCommand); this.registerCommand(AwsConfigListTopicsCommand); } } AwsConfigSNSClient.clientName = SNSClient.name; /** * Config-based implementation of SNS GetTopicAttributesCommand * * Maps SNS::Topic Config data to SNS GetTopicAttributesCommand output format. * Returns only the attributes used by the sync: DisplayName, KmsMasterKeyId, Owner, Policy. */ const AwsConfigGetTopicAttributesCommand = awsConfigCommand({ command: GetTopicAttributesCommand, execute: async (input, context) => { const topicArn = input.TopicArn; const configuration = context.getCache(topicArn, 'configuration'); // Return only the attributes used by the sync operations const attributes = {}; if (configuration.DisplayName) { attributes['DisplayName'] = configuration.DisplayName; } if (configuration.KmsMasterKeyId) { attributes['KmsMasterKeyId'] = configuration.KmsMasterKeyId; } if (configuration.Owner) { attributes['Owner'] = configuration.Owner; } if (configuration.Policy) { attributes['Policy'] = configuration.Policy; } return { Attributes: attributes }; } }); /** * Config-based implementation of SNS ListTagsForResourceCommand * * Maps SNS::Topic Config tag data to SNS ListTagsForResourceCommand output format. * Returns topic tags for resource identification and compliance analysis. */ const AwsConfigListTagsForResourceCommand = awsConfigCommand({ command: ListTagsForResourceCommand, execute: async (input, context) => { const resourceArn = input.ResourceArn; const tags = context.getCache(resourceArn, 'tags'); return { Tags: tags || {} }; } }); /** * Config-based implementation of SNS ListTopicsCommand * * Maps SNS::Topic Config data to SNS ListTopicsCommand output format. * Returns topic listing for IAM analysis and resource discovery. */ const AwsConfigListTopicsCommand = awsConfigCommand({ command: ListTopicsCommand, execute: async (input, context) => { const query = ` SELECT arn, resourceId, resourceName, configuration.TopicArn, configuration.DisplayName, configuration.KmsMasterKeyId, configuration.Owner, configuration.Policy, tags WHERE resourceType = 'AWS::SNS::Topic' AND awsRegion = '${context.region}' AND accountId = '${context.accountId}' AND ${resourceStatusWhereClause} `; const results = await executeConfigQuery(query, context); const topics = results.map((result) => { const { configItem, configuration, tags } = parseConfigItem(result); // Cache data that will be needed by other commands context.putCache(configItem.arn, 'configuration', configuration); context.putCache(configItem.arn, 'tags', tags); return { TopicArn: configItem.arn }; }); return { Topics: topics, NextToken: undefined // Config doesn't provide pagination markers }; } }); //# sourceMappingURL=AwsConfigSNSClient.js.map