@cloud-copilot/iam-collect/dist/cjs/syncs/kms/key.js

Collect IAM information from AWS Accounts

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.KeySync = void 0;
const client_kms_1 = require("@aws-sdk/client-kms");
const client_tools_js_1 = require("../../utils/client-tools.js");
const typedSync_js_1 = require("../typedSync.js");
exports.KeySync = (0, typedSync_js_1.createTypedSyncOperation)('kms', 'keys', (0, typedSync_js_1.createResourceSyncType)({
    client: client_kms_1.KMSClient,
    command: client_kms_1.ListKeysCommand,
    key: 'Keys',
    paginationConfig: {
        inputKey: 'Marker',
        outputKey: 'NextMarker'
    },
    resourceTypeParts: (accountId, region) => ({
        service: 'kms',
        resourceType: 'key',
        account: accountId,
        region: region
    }),
    extraFields: {
        tags: async (client, key) => {
            return (0, client_tools_js_1.runAndCatchAccessDenied)(async () => {
                return (0, client_tools_js_1.runAndCatch404)(async () => {
                    const tagResult = await client.send(new client_kms_1.ListResourceTagsCommand({ KeyId: key.KeyId }));
                    return tagResult.Tags;
                });
            });
        },
        policy: async (client, key) => {
            return (0, client_tools_js_1.runAndCatch404)(async () => {
                const policyResult = await client.send(new client_kms_1.GetKeyPolicyCommand({ KeyId: key.KeyId, PolicyName: 'default' }));
                if (policyResult.Policy) {
                    return JSON.parse(policyResult.Policy);
                }
                return undefined;
            });
        }
    },
    tags: (func) => func.extraFields.tags,
    arn: (func) => func.KeyArn,
    results: (func) => ({
        metadata: {
            id: func.KeyId
        },
        policy: func.extraFields.policy
    })
}));
//# sourceMappingURL=key.js.map