;
Object.defineProperty(exports, "__esModule", { value: true });
/**
* export IAM roles to JSON files
*/
const promisedLife = require('promised-lifestream');
const iam_1 = require("./aws/iam");
const list_stream_1 = require("./aws/list_stream");
const stream_1 = require("./utils/stream");
const result_writer_1 = require("./utils/result_writer");
const result_1 = require("./utils/result");
const file_1 = require("./utils/file");
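/**
 * Collect every managed policy attached to a role.
 *
 * ListAttachedRolePolicies is a paginated API: a response may set IsTruncated
 * and return a Marker for the next page. Reading only the first response can
 * produce an export that silently omits attached policies, which makes the
 * resulting file unreliable as a review or audit snapshot, so all pages are
 * followed here.
 *
 * Only attached (managed) policies are fetched; this function makes no call
 * for inline role policies, so they are not part of the returned record.
 *
 * @param {{RoleName: string}} role - Role record passed in by the export pipeline.
 * @returns {Promise<{Role: object, AttachedPolicies: object[]}>} The role
 *   together with the complete list of its attached policies.
 */
async function listRolePolicies(role) {
    const attachedPolicies = [];
    let marker;
    do {
        const params = { RoleName: role.RoleName };
        if (marker) {
            params.Marker = marker;
        }
        const data = await iam_1.iam.listAttachedRolePolicies(params).promise();
        attachedPolicies.push(...(data.AttachedPolicies || []));
        // Continue only while the service reports more pages.
        marker = data.IsTruncated ? data.Marker : undefined;
    } while (marker);
    return {
        Role: role,
        AttachedPolicies: attachedPolicies,
    };
}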
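/**
 * Write one role and its attached policies to `<RoleName>.json` under parentDir.
 *
 * @param {string} parentDir - Directory handed to file_1.writeJSONFile.
 * @param {{Role: object, AttachedPolicies: object[]}} item - Record produced
 *   by listRolePolicies.
 * @returns {Promise<object>} result_1.OK on success, result_1.NG when the
 *   write fails. A malformed AssumeRolePolicyDocument still rejects, as the
 *   decode step runs before the guarded write.
 */
async function writeRoleFile(parentDir, item) {
    // Shallow copy so the decoded trust policy does not overwrite the
    // caller's role record.
    const role = Object.assign({}, item.Role);
    if (role.AssumeRolePolicyDocument) {
        // The trust policy arrives as a URL-encoded JSON string; store it as
        // an object so the exported file is readable and diffable.
        role.AssumeRolePolicyDocument = JSON.parse(decodeURIComponent(role.AssumeRolePolicyDocument));
    }
    const result = {
        Role: role,
        AttachedPolicies: item.AttachedPolicies,
    };
    // NOTE(review): the role name is used as the file name unchanged. This
    // assumes it contains no path separators; how writeJSONFile joins
    // parentDir and fileName is not visible here - confirm.
    const fileName = `${role.RoleName}.json`;
    try {
        await file_1.writeJSONFile(parentDir, fileName, result);
        return result_1.OK('Wrote %1', fileName);
    }
    catch (err) {
        // Report the cause (permissions, missing directory, full disk, ...)
        // instead of discarding it; a failed export should be diagnosable.
        const reason = err && err.message ? err.message : err;
        console.error(`Failed to write ${fileName}: ${reason}`);
        return result_1.NG('Failed to write %1', fileName);
    }
}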
/**
 * Export IAM roles to JSON files in outDir.
 *
 * Pipeline: list roles -> keep those whose name matches nameMatcher ->
 * look up attached policies -> write one file per role -> report results.
 *
 * @param {string} outDir - Destination directory for the role files.
 * @param {RegExp|string} [nameMatcher] - Passed to String.prototype.match on
 *   each RoleName; when falsy every role is exported.
 * @param {object} [opts] - Options forwarded to result_writer_1.createWriter.
 * @returns {Promise<*>} Whatever the pipeline resolves to, or `false` when
 *   the pipeline rejects (the stack is printed to stderr).
 */
async function main(outDir, nameMatcher, opts = {}) {
    const acceptsRole = (role) => {
        if (!nameMatcher) {
            return true;
        }
        return role.RoleName.match(nameMatcher);
    };
    const reportFailure = (err) => {
        console.error(err.stack);
        return false;
    };
    const stages = [
        new list_stream_1.ListRoleStream(),
        stream_1.filterStream(acceptsRole),
        stream_1.promisedStream((role) => listRolePolicies(role)),
        stream_1.promisedStream((item) => writeRoleFile(outDir, item)),
        result_writer_1.createWriter(opts),
    ];
    return promisedLife(stages).catch(reportFailure);
}
exports.main = main;