@cloud-copilot/iam-collect
Version:
Collect IAM information from AWS Accounts
48 lines • 2.02 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", { value: true });
exports.S3MultiRegionAccessPointsSync = void 0;
const client_s3_control_1 = require("@aws-sdk/client-s3-control");
const client_tools_js_1 = require("../../utils/client-tools.js");
const json_js_1 = require("../../utils/json.js");
const typedSync_js_1 = require("../typedSync.js");
exports.S3MultiRegionAccessPointsSync = (0, typedSync_js_1.createTypedSyncOperation)('s3', 'multiRegionAccessPoints', (0, typedSync_js_1.createResourceSyncType)({
client: client_s3_control_1.S3ControlClient,
command: client_s3_control_1.ListMultiRegionAccessPointsCommand,
key: 'AccessPoints',
arguments: (accountId, region) => ({
AccountId: accountId
}),
paginationConfig: {
inputKey: 'NextToken',
outputKey: 'NextToken'
},
arn: (accessPoint, region, account, partition) => `arn:${partition}:s3::${account}:accesspoint/${accessPoint.Alias}`,
resourceTypeParts: (account, region) => ({
service: 's3',
resourceType: 'accesspoint',
account
}),
extraFields: {
policy: async (client, accessPoint, accountId) => {
const policy = (0, client_tools_js_1.runAndCatch404)(async () => {
const result = await client.send(new client_s3_control_1.GetMultiRegionAccessPointPolicyCommand({
Name: accessPoint.Name,
AccountId: accountId
}));
return (0, json_js_1.parseIfPresent)(result.Policy?.Established?.Policy);
});
return policy;
}
},
tags: () => undefined, // Multi region access points do not have tags
results: (accessPoint) => ({
metadata: {
name: accessPoint.Name,
alias: accessPoint.Alias,
regions: accessPoint.Regions
},
bpa: accessPoint.PublicAccessBlock,
policy: accessPoint.extraFields.policy
})
}));
//# sourceMappingURL=multiRegionAccessPoints.js.map