@cloud-copilot/iam-collect/dist/cjs/syncs/s3/accessPoints.js

Collect IAM information from AWS Accounts

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.S3AccessPointsSync = void 0;
const client_s3_control_1 = require("@aws-sdk/client-s3-control");
const client_tools_js_1 = require("../../utils/client-tools.js");
const json_js_1 = require("../../utils/json.js");
const typedSync_js_1 = require("../typedSync.js");
exports.S3AccessPointsSync = (0, typedSync_js_1.createTypedSyncOperation)('s3', 'accessPoints', (0, typedSync_js_1.createResourceSyncType)({
    client: client_s3_control_1.S3ControlClient,
    command: client_s3_control_1.ListAccessPointsCommand,
    key: 'AccessPointList',
    arguments: (accountId, region) => ({
        AccountId: accountId
    }),
    paginationConfig: {
        inputKey: 'NextToken',
        outputKey: 'NextToken'
    },
    arn: (accessPoint) => accessPoint.AccessPointArn,
    resourceTypeParts: (account, region) => ({
        service: 's3',
        resource: 'accesspoint',
        account,
        region
    }),
    extraFields: {
        details: async (client, accessPoint, accountId) => {
            const result = await client.send(new client_s3_control_1.GetAccessPointCommand({
                AccountId: accountId,
                Name: accessPoint.Name
            }));
            return result;
        },
        policy: async (client, accessPoint, accountId) => {
            const policy = (0, client_tools_js_1.runAndCatch404)(async () => {
                const result = await client.send(new client_s3_control_1.GetAccessPointPolicyCommand({
                    Name: accessPoint.Name,
                    AccountId: accountId
                }));
                return (0, json_js_1.parseIfPresent)(result.Policy);
            });
            return policy;
        }
    },
    tags: () => undefined, // Access points do not have tags
    results: (accessPoint) => ({
        metadata: {
            name: accessPoint.Name,
            alias: accessPoint.extraFields.details.Alias,
            networkOrigin: accessPoint.NetworkOrigin,
            vpc: accessPoint.VpcConfiguration?.VpcId,
            bucket: accessPoint.Bucket,
            bucketAccount: accessPoint.BucketAccountId,
            endpoints: accessPoint.extraFields.details.Endpoints
        },
        bpa: accessPoint.extraFields.details.PublicAccessBlockConfiguration,
        policy: accessPoint.extraFields.policy
    })
}));
//# sourceMappingURL=accessPoints.js.map