@cloud-copilot/iam-lens/dist/cjs/principalCan/resources/actions.js

Visibility in IAM in and across AWS accounts

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.actionsForResourceType = actionsForResourceType;
const iam_data_1 = require("@cloud-copilot/iam-data");
/**
 * Get the actions for a resource type in a service.
 *
 * @param service the service to get actions for
 * @param resourceType the resource type to get the actions for
 * @returns the actions that can be performed on the resource type
 */
async function actionsForResourceType(service, resourceType) {
    const resourceTypeExists = await (0, iam_data_1.iamResourceTypeExists)(service, resourceType);
    if (!resourceTypeExists) {
        throw new Error(`Resource type ${resourceType} does not exist in service ${service}`);
    }
    const actions = await (0, iam_data_1.iamActionsForService)(service);
    const matchingAction = [];
    for (const action of actions) {
        const actionDetails = await (0, iam_data_1.iamActionDetails)(service, action);
        if (actionDetails?.resourceTypes?.some((rt) => rt.name === resourceType)) {
            matchingAction.push(action);
        }
    }
    return matchingAction;
}
//# sourceMappingURL=actions.js.map