@csermet/multiprovider
cloud-graph provider plugin for AWS used to fetch AWS cloud data.
;
// CommonJS/ES-module interop helper: reuse an already-installed helper on
// `this` when there is one, otherwise define it here.
var __importDefault = (this && this.__importDefault) || function (mod) {
  // A module flagged as an ES module is returned untouched.
  if (mod && mod.__esModule) {
    return mod;
  }
  // Anything else is wrapped so callers can always read `.default`.
  return { "default": mod };
};
// Flag this module with `__esModule`, the property that interop helpers such as
// __importDefault check before deciding whether to wrap a module in `{ default }`.
Object.defineProperty(exports, "__esModule", { value: true });
// Declare the named export up front; the function itself is assigned further
// down in this file, after its definition.
exports.listIamGroups = void 0;
const sdk_1 = __importDefault(require("@cloudgraph/sdk"));
const groupBy_1 = __importDefault(require("lodash/groupBy"));
const isEmpty_1 = __importDefault(require("lodash/isEmpty"));
const iam_1 = __importDefault(require("aws-sdk/clients/iam"));
const logger_1 = __importDefault(require("../../properties/logger"));
const utils_1 = require("../../utils");
const errorLog_1 = __importDefault(require("../../utils/errorLog"));
const regions_1 = require("../../enums/regions");
const constants_1 = require("../../config/constants");
// Shallow copy of the shared log-text table used for the debug messages below.
const lt = { ...logger_1.default };
const logger = sdk_1.default.logger;
// Label handed to the error log and to the test-endpoint lookup.
const serviceName = 'IAM Group';
const errorLog = new errorLog_1.default(serviceName);
// NOTE(review): this value is passed as `endpoint` to the IAM client, so a
// non-empty value redirects every IAM call made by this module to that host.
// Presumably it is only set in test runs; confirm in utils.initTestEndpoint.
const endpoint = utils_1.initTestEndpoint(serviceName);
// Retry settings spread into the IAM client options; the retry count and base
// delay both come from config/constants.
const customRetrySettings = utils_1.setAwsRetryOptions({
  maxRetries: constants_1.MAX_FAILED_AWS_REQUEST_RETRIES,
  baseDelay: constants_1.IAM_CUSTOM_DELAY,
});
/**
 * Looks up the inline policy names of one IAM group.
 *
 * Resolves with `{ GroupName, Policies }` when the call returns data and with
 * `null` when it returns nothing (including after an error, which is recorded
 * in the error log). The promise never rejects from the callback path.
 *
 * NOTE(review): only the first response page is read; `IsTruncated` / `Marker`
 * on the response are not followed here.
 *
 * @param {object} iam - IAM client exposing a callback-style listGroupPolicies.
 * @param {{GroupName: string}} group - Group whose inline policies are listed.
 * @returns {Promise<{GroupName: string, Policies: string[]}|null>}
 */
const policiesByGroupName = async (iam, { GroupName }) =>
  new Promise(done => {
    const onResponse = (err, data) => {
      if (err) {
        errorLog.generateAwsErrorLog({
          functionName: 'iam:listGroupPolicies',
          err,
        });
      }
      // No payload: report "nothing found" to the caller as null.
      if (isEmpty_1.default(data)) {
        done(null);
        return;
      }
      const { PolicyNames = [] } = data;
      done({ GroupName, Policies: PolicyNames });
    };
    iam.listGroupPolicies({ GroupName }, onResponse);
  });
/**
 * Looks up the managed policies attached to one IAM group.
 *
 * Resolves with `{ GroupName, ManagedPolicies }` when the call returns data and
 * with `null` when it returns nothing (including after an error, which is
 * recorded in the error log). The promise never rejects from the callback path.
 *
 * NOTE(review): only the first response page is read; `IsTruncated` / `Marker`
 * on the response are not followed here.
 *
 * @param {object} iam - IAM client exposing a callback-style listAttachedGroupPolicies.
 * @param {{GroupName: string}} group - Group whose attached policies are listed.
 * @returns {Promise<{GroupName: string, ManagedPolicies: object[]}|null>}
 */
const managedPoliciesByGroupName = async (iam, { GroupName }) =>
  new Promise(done => {
    const onResponse = (err, data) => {
      if (err) {
        errorLog.generateAwsErrorLog({
          functionName: 'iam:listAttachedGroupPolicies',
          err,
        });
      }
      // No payload: report "nothing found" to the caller as null.
      if (isEmpty_1.default(data)) {
        done(null);
        return;
      }
      const { AttachedPolicies = [] } = data;
      done({
        GroupName,
        ManagedPolicies: AttachedPolicies,
      });
    };
    iam.listAttachedGroupPolicies({ GroupName }, onResponse);
  });
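/**
 * Lists IAM groups, following `Marker` pagination, and attaches to each group
 * its inline policy names (`Policies`) and attached managed policies
 * (`ManagedPolicies`).
 *
 * Failure handling:
 * - A listGroups error is written to the error log; with no data the promise
 *   resolves to `[]`, so callers cannot tell "no groups" from "lookup failed"
 *   without consulting the error log.
 * - A per-group policy lookup that fails resolves to `null`; such entries are
 *   skipped, leaving that group with empty policy lists. Previously the `null`
 *   was dereferenced inside the async callback, which threw and left this
 *   promise pending forever.
 * - Any other exception while assembling a page is logged and the groups
 *   gathered so far are returned instead of never settling.
 *
 * Anything auditing permissions from this output should treat an empty policy
 * list as "none found or lookup failed" and check the error log.
 *
 * @param {object} iam - IAM client exposing callback-style listGroups,
 *   listGroupPolicies and listAttachedGroupPolicies.
 * @param {string} [marker] - Pagination marker from a previous truncated page.
 * @returns {Promise<object[]>} One record per group: the group's own fields
 *   plus `region`, `Policies` and `ManagedPolicies`.
 */
const listIamGroups = async (iam, marker) => new Promise(resolve => {
  const result = [];

  // Merge `field` from every lookup result that belongs to `groupName`.
  // Null results (failed or empty lookups) are ignored. Later matches are
  // placed before earlier ones, as the original reduce did.
  const collectFor = (lookups, groupName, field) => lookups
    .filter(entry => entry != null && entry.GroupName === groupName)
    .map(entry => entry[field])
    .reduce((merged, items) => [...items, ...merged], []);

  iam.listGroups({ Marker: marker }, async (err, data) => {
    if (err) {
      errorLog.generateAwsErrorLog({
        functionName: 'iam:listGroups',
        err,
      });
    }
    if (isEmpty_1.default(data)) {
      resolve([]);
      return;
    }
    try {
      const { Groups: groups = [], IsTruncated, Marker } = data;

      // Start both lookups for every group before awaiting any of them.
      const policyLookups = [];
      const managedPolicyLookups = [];
      for (const group of groups) {
        policyLookups.push(policiesByGroupName(iam, group));
        managedPolicyLookups.push(managedPoliciesByGroupName(iam, group));
      }
      const policies = await Promise.all(policyLookups);
      const managedPolicies = await Promise.all(managedPolicyLookups);

      for (const { GroupName, ...group } of groups) {
        result.push({
          GroupName,
          ...group,
          // IAM is a global service, so every group is filed under the global region name.
          region: regions_1.globalRegionName,
          Policies: collectFor(policies, GroupName, 'Policies'),
          ManagedPolicies: collectFor(managedPolicies, GroupName, 'ManagedPolicies'),
        });
      }

      // Go through `exports` so the recursion uses the exported binding.
      if (IsTruncated) {
        result.push(...(await exports.listIamGroups(iam, Marker)));
      }
    } catch (caught) {
      // An exception here would otherwise become an unhandled rejection inside
      // the SDK callback and leave the outer promise pending forever.
      // NOTE(review): generateAwsErrorLog is only seen with AWS errors in this
      // file; confirm it copes with a generic Error.
      errorLog.generateAwsErrorLog({
        functionName: 'iam:listGroups',
        err: caught,
      });
    }
    resolve(result);
  });
});
exports.listIamGroups = listIamGroups;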
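/**
 * IAM Group service entry point: builds an IAM client, fetches every group with
 * its policies, and returns the groups keyed by region.
 *
 * The client options are spread in a fixed order: `region` and `endpoint` come
 * after `config`, so values in `config` cannot override them, and the retry
 * settings are applied last.
 *
 * The function used to wrap its body in `new Promise(async resolve => ...)`.
 * With that shape any exception (client construction, listIamGroups) became an
 * unhandled rejection and the returned promise never settled. The body now runs
 * directly in the async function, so failures reject the returned promise.
 *
 * @param {{config: object}} args - `config` is spread into the IAM client
 *   constructor options.
 * @returns {Promise<Object<string, object[]>>} Group records grouped by their
 *   `region` field.
 */
exports.default = async ({ config, }) => {
  const client = new iam_1.default({
    ...config,
    region: regions_1.globalRegionName,
    endpoint,
    ...customRetrySettings,
  });
  logger.debug(lt.lookingForIamGroups);
  // Fetch IAM Groups
  const groupsData = await exports.listIamGroups(client);
  // Reset the error log once the fetch is over, as the original did.
  errorLog.reset();
  logger.debug(lt.foundGroups(groupsData.length));
  return groupBy_1.default(groupsData, 'region');
};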