aws-iam-policy-tool
AWS IAM role/policy management cli tool
;
Object.defineProperty(exports, "__esModule", { value: true });
const jsonDiff = require('json-diff');
const policy_1 = require("../aws/policy");
const result_1 = require("../utils/result");
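/**
 * Compares locally defined IAM policy documents with the default version
 * fetched from the account and keeps a running count of mismatches.
 *
 * Usage order: `await prepare()` once, then `await validate(entry)` per policy,
 * then `isValid()` for the overall verdict.
 */
class PolicyValidator {
  /**
   * @param {object} [opts]
   * @param {boolean} [opts.plain] - when truthy, diffs are produced without colour.
   */
  constructor(opts = {}) {
    this._color = !opts.plain;
    this._invalidCnt = 0;
  }

  /**
   * Resolves the policy ARN prefix and builds the fetcher used by validate().
   *
   * @returns {Promise<*>} the ARN prefix returned by getPolicyArnPrefix().
   */
  async prepare() {
    const arnPrefix = await policy_1.getPolicyArnPrefix();
    this.policyFetcher = new policy_1.PolicyFetcher(arnPrefix);
    return arnPrefix;
  }

  /**
   * Validates one local policy definition against its remote counterpart.
   *
   * Every NG outcome is counted, so isValid() cannot report success after a
   * policy was found missing or drifted.
   *
   * @param {{policyName: string, document: *}} entry - local policy definition.
   * @returns {Promise<*>} result_1.OK(...) on a match, result_1.NG(...) otherwise.
   * @throws rethrows any fetch error whose code is not 'NoSuchEntity'.
   */
  async validate(entry) {
    const { policyName, document: localDocument } = entry;
    try {
      const { currentPolicy: remotePolicy } =
        await this.policyFetcher.getPolicyDefaultWithVersionInfo(entry);
      if (!remotePolicy) {
        this._invalidCnt++;
        return result_1.NG('%1 does not exist.', policyName);
      }
      // A truthy diff string means the deployed document differs from the local one.
      const df = jsonDiff.diffString(remotePolicy.document, localDocument, {
        color: this._color,
      });
      if (df) {
        this._invalidCnt++;
        return result_1.NG('%1 is invalid.', policyName, df);
      }
      return result_1.OK(policyName);
    } catch (err) {
      if (err.code === 'NoSuchEntity') {
        // Count the missing policy like the !remotePolicy branch does; without
        // this, isValid() stayed true although an NG result was returned.
        this._invalidCnt++;
        return result_1.NG('%1 does not exist.', policyName);
      }
      throw err;
    }
  }

  /**
   * @returns {boolean} true only when no validate() call so far produced an NG result.
   */
  isValid() {
    return this._invalidCnt === 0;
  }
}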
// CommonJS export of the validator class.
exports.PolicyValidator = PolicyValidator;