cdk-assume-role-plugin
Version:
Adds assume role and mfa support to cdk apps
122 lines • 12.8 kB
JavaScript
;
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
Object.defineProperty(o, k2, { enumerable: true, get: function() { return m[k]; } });
}) : (function(o, m, k, k2) {
if (k2 === undefined) k2 = k;
o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
o["default"] = v;
});
var __importStar = (this && this.__importStar) || function (mod) {
if (mod && mod.__esModule) return mod;
var result = {};
if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
__setModuleDefault(result, mod);
return result;
};
Object.defineProperty(exports, "__esModule", { value: true });
exports.PrecedenceProfileMapper = exports.LocalProjectDirMapper = exports.EnvironmentAwareGlobalProfileMapper = exports.PackageJsonProfileMapper = exports.JsonFileProfileMapper = void 0;
const fs = __importStar(require("fs-extra"));
const path = __importStar(require("path"));
const os = __importStar(require("os"));
/*
* Resolves from a json file. The key for resolving a mapping is "cdkAssumeRolePlugin".
*
* example:
* `{
* "cdkAssumeRolePlugin": {
* userProfile: "default",
* roles: {
* "123": "role1",
* "456": "role2"
* }
* }
* }`
*
*/
class JsonFileProfileMapper {
constructor(props) {
this._encoding = 'utf8';
this._workingDirectory = props.workingDirectory;
this._filename = props.filename;
}
resolve() {
const filename = path.join(this._workingDirectory, this._filename);
if (!fs.existsSync(filename)) {
return {};
}
try {
const pkg = JSON.parse(fs.readFileSync(filename, this._encoding));
const { cdkAssumeRolePlugin } = pkg;
return cdkAssumeRolePlugin;
}
catch (e) {
console.log(`Failed to parse file ${this._filename}: `, e.message);
}
return {};
}
}
exports.JsonFileProfileMapper = JsonFileProfileMapper;
// Will use local package.json for mapping an accountnumber to a local profile
class PackageJsonProfileMapper {
resolve() {
return new JsonFileProfileMapper({
workingDirectory: process.cwd(),
filename: 'package.json',
}).resolve();
}
}
exports.PackageJsonProfileMapper = PackageJsonProfileMapper;
// Will default to ~/.cdkassumeroleplugin.json and can be overriden by environment variable
// CDK_ASSUME_ROLE_PLUGIN_CONFIG=/path/to/file.json
class EnvironmentAwareGlobalProfileMapper {
constructor() {
this._defaultGlobalConfigurationFile = '.cdkassumeroleplugin.json';
this._workingDirectory = os.homedir();
this._filename = this._defaultGlobalConfigurationFile;
const configFileLocationOverride = process.env[EnvironmentAwareGlobalProfileMapper.environmentVariableName];
if (configFileLocationOverride) {
const configFile = path.parse(configFileLocationOverride);
this._workingDirectory = configFile.dir;
this._filename = configFile.base;
}
}
resolve() {
return new JsonFileProfileMapper({
workingDirectory: this._workingDirectory,
filename: this._filename,
}).resolve();
}
}
exports.EnvironmentAwareGlobalProfileMapper = EnvironmentAwareGlobalProfileMapper;
EnvironmentAwareGlobalProfileMapper.environmentVariableName = 'CDK_ASSUME_ROLE_PLUGIN_CONFIG';
// Can be used in local project directory. Can be added or ignored by your VCS
class LocalProjectDirMapper {
resolve() {
return new JsonFileProfileMapper({
workingDirectory: process.cwd(),
filename: 'cdkmultiprofileplugin.json',
}).resolve();
}
}
exports.LocalProjectDirMapper = LocalProjectDirMapper;
// Uses all mappers and applies precedence
class PrecedenceProfileMapper {
resolve() {
// Temporary in order to get it working again
const packageJsonMappings = new PackageJsonProfileMapper().resolve();
const projectLocalMappings = new LocalProjectDirMapper().resolve();
const globalMappings = new EnvironmentAwareGlobalProfileMapper().resolve();
return {
...packageJsonMappings,
...projectLocalMappings,
...globalMappings,
};
}
}
exports.PrecedenceProfileMapper = PrecedenceProfileMapper;
//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicHJvZmlsZS1tYXBwZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi9zcmMvcHJvZmlsZS1tYXBwZXIudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7Ozs7Ozs7Ozs7Ozs7Ozs7Ozs7OztBQUFBLDZDQUErQjtBQUMvQiwyQ0FBNkI7QUFDN0IsdUNBQXlCO0FBZ0J6Qjs7Ozs7Ozs7Ozs7Ozs7R0FjRztBQUNILE1BQWEscUJBQXFCO0lBS2hDLFlBQVksS0FBaUM7UUFGckMsY0FBUyxHQUFHLE1BQU0sQ0FBQztRQUd6QixJQUFJLENBQUMsaUJBQWlCLEdBQUcsS0FBSyxDQUFDLGdCQUFnQixDQUFDO1FBQ2hELElBQUksQ0FBQyxTQUFTLEdBQUcsS0FBSyxDQUFDLFFBQVEsQ0FBQztJQUNsQyxDQUFDO0lBRUQsT0FBTztRQUNMLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLGlCQUFpQixFQUFFLElBQUksQ0FBQyxTQUFTLENBQUMsQ0FBQztRQUNuRSxJQUFJLENBQUMsRUFBRSxDQUFDLFVBQVUsQ0FBQyxRQUFRLENBQUMsRUFBRTtZQUM1QixPQUFPLEVBQUUsQ0FBQztTQUNYO1FBQ0QsSUFBSTtZQUNGLE1BQU0sR0FBRyxHQUFHLElBQUksQ0FBQyxLQUFLLENBQUMsRUFBRSxDQUFDLFlBQVksQ0FBQyxRQUFRLEVBQUUsSUFBSSxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUM7WUFDbEUsTUFBTSxFQUFFLG1CQUFtQixFQUFFLEdBQUcsR0FBRyxDQUFDO1lBQ3BDLE9BQU8sbUJBQW1CLENBQUM7U0FDNUI7UUFBQyxPQUFPLENBQUMsRUFBRTtZQUNWLE9BQU8sQ0FBQyxHQUFHLENBQUMsd0JBQXdCLElBQUksQ0FBQyxTQUFTLElBQUksRUFBRSxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUM7U0FDcEU7UUFDRCxPQUFPLEVBQUUsQ0FBQztJQUNaLENBQUM7Q0FDRjtBQXhCRCxzREF3QkM7QUFFRCw4RUFBOEU7QUFDOUUsTUFBYSx3QkFBd0I7SUFDbkMsT0FBTztRQUNMLE9BQU8sSUFBSSxxQkFBcUIsQ0FBQztZQUMvQixnQkFBZ0IsRUFBRSxPQUFPLENBQUMsR0FBRyxFQUFFO1lBQy9CLFFBQVEsRUFBRSxjQUFjO1NBQ3pCLENBQUMsQ0FBQyxPQUFPLEVBQUUsQ0FBQztJQUNmLENBQUM7Q0FDRjtBQVBELDREQU9DO0FBRUQsMkZBQTJGO0FBQzNGLG1EQUFtRDtBQUNuRCxNQUFhLG1DQUFtQztJQVE5QztRQUxpQixvQ0FBK0IsR0FDOUMsMkJBQTJCLENBQUM7UUFLNUIsSUFBSSxDQUFDLGlCQUFpQixHQUFHLEVBQUUsQ0FBQyxPQUFPLEVBQUUsQ0FBQztRQUN0QyxJQUFJLENBQUMsU0FBUyxHQUFHLElBQUksQ0FBQywrQkFBK0IsQ0FBQztRQUN0RCxNQUFNLDBCQUEwQixHQUM5QixPQUFPLENBQUMsR0FBRyxDQUFDLG1DQUFtQyxDQUFDLHVCQUF1QixDQUFDLENBQUM7UUFDM0UsSUFBSSwwQkFBMEIsRUFBRTtZQUM5QixNQUFNLFVBQVUsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLDBCQUEwQixDQUFDLENBQUM7WUFDMUQsSUFBSSxDQUFDLGlCQUFpQixHQUFHLFVBQVUsQ0FBQyxHQUFHLENBQUM7WUFDeEMsSUFBSSxDQUFDLFNBQVMsR0FBRyxVQUFVLENBQUMsSUFBSSxDQUFDO1NBQ2xDO0lBQ0gsQ0FBQztJQUVELE9BQU87UUFDTCxPQUFPLElBQUkscUJBQXFCLENBQUM7WUFDL0IsZ0JBQWdCLEVBQUUsSUFBSSxDQUFDLGlCQUFpQjtZQUN4QyxRQUFRLEVBQUUsSUFBSSxDQUFDLFNBQVM7U0FDekIsQ0FBQyxDQUFDLE9BQU8sRUFBRSxDQUFDO0lBQ2YsQ0FBQzs7QUF6Qkgsa0ZBMEJDO0FBekJ3QiwyREFBdUIsR0FDNUMsK0JBQStCLENBQUM7QUEwQnBDLDhFQUE4RTtBQUM5RSxNQUFhLHFCQUFxQjtJQUNoQyxPQUFPO1FBQ0wsT0FBTyxJQUFJLHFCQUFxQixDQUFDO1lBQy9CLGdCQUFnQixFQUFFLE9BQU8sQ0FBQyxHQUFHLEVBQUU7WUFDL0IsUUFBUSxFQUFFLDRCQUE0QjtTQUN2QyxDQUFDLENBQUMsT0FBTyxFQUFFLENBQUM7SUFDZixDQUFDO0NBQ0Y7QUFQRCxzREFPQztBQUVELDBDQUEwQztBQUMxQyxNQUFhLHVCQUF1QjtJQUNsQyxPQUFPO1FBQ0wsNkNBQTZDO1FBQzdDLE1BQU0sbUJBQW1CLEdBQUcsSUFBSSx3QkFBd0IsRUFBRSxDQUFDLE9BQU8sRUFBRSxDQUFDO1FBQ3JFLE1BQU0sb0JBQW9CLEdBQUcsSUFBSSxxQkFBcUIsRUFBRSxDQUFDLE9BQU8sRUFBRSxDQUFDO1FBQ25FLE1BQU0sY0FBYyxHQUFHLElBQUksbUNBQW1DLEVBQUUsQ0FBQyxPQUFPLEVBQUUsQ0FBQztRQUMzRSxPQUFPO1lBQ0wsR0FBRyxtQkFBbUI7WUFDdEIsR0FBRyxvQkFBb0I7WUFDdkIsR0FBRyxjQUFjO1NBQ2xCLENBQUM7SUFDSixDQUFDO0NBQ0Y7QUFaRCwwREFZQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCAqIGFzIGZzIGZyb20gJ2ZzLWV4dHJhJztcbmltcG9ydCAqIGFzIHBhdGggZnJvbSAncGF0aCc7XG5pbXBvcnQgKiBhcyBvcyBmcm9tICdvcyc7XG5cbmV4cG9ydCBpbnRlcmZhY2UgQXNzdW1lUm9sZVBsdWdpbkNvbmZpZyB7XG4gIHVzZXJQcm9maWxlPzogc3RyaW5nO1xuICByb2xlcz86IFJlY29yZDxzdHJpbmcsIHN0cmluZz47XG59XG5cbmV4cG9ydCBpbnRlcmZhY2UgUHJvZmlsZU1hcHBlciB7XG4gIHJlc29sdmUoKTogQXNzdW1lUm9sZVBsdWdpbkNvbmZpZztcbn1cblxuZXhwb3J0IGludGVyZmFjZSBKc29uRmlsZVByb2ZpbGVNYXBwZXJQcm9wcyB7XG4gIHdvcmtpbmdEaXJlY3Rvcnk6IHN0cmluZztcbiAgZmlsZW5hbWU6IHN0cmluZztcbn1cblxuLypcbiAqIFJlc29sdmVzIGZyb20gYSBqc29uIGZpbGUuIFRoZSBrZXkgZm9yIHJlc29sdmluZyBhIG1hcHBpbmcgaXMgXCJjZGtBc3N1bWVSb2xlUGx1Z2luXCIuXG4gKlxuICogZXhhbXBsZTpcbiAqICBge1xuICogICAgICBcImNka0Fzc3VtZVJvbGVQbHVnaW5cIjoge1xuICogICAgICAgIHVzZXJQcm9maWxlOiBcImRlZmF1bHRcIixcbiAqICAgICAgICByb2xlczoge1xuICogICAgICAgICAgXCIxMjNcIjogXCJyb2xlMVwiLFxuICogICAgICAgICAgXCI0NTZcIjogXCJyb2xlMlwiXG4gKiAgICAgICAgfVxuICogICAgICB9XG4gKiAgfWBcbiAqXG4gKi9cbmV4cG9ydCBjbGFzcyBKc29uRmlsZVByb2ZpbGVNYXBwZXIgaW1wbGVtZW50cyBQcm9maWxlTWFwcGVyIHtcbiAgcHJpdmF0ZSByZWFkb25seSBfd29ya2luZ0RpcmVjdG9yeTogc3RyaW5nO1xuICBwcml2YXRlIHJlYWRvbmx5IF9maWxlbmFtZTogc3RyaW5nO1xuICBwcml2YXRlIF9lbmNvZGluZyA9ICd1dGY4JztcblxuICBjb25zdHJ1Y3Rvcihwcm9wczogSnNvbkZpbGVQcm9maWxlTWFwcGVyUHJvcHMpIHtcbiAgICB0aGlzLl93b3JraW5nRGlyZWN0b3J5ID0gcHJvcHMud29ya2luZ0RpcmVjdG9yeTtcbiAgICB0aGlzLl9maWxlbmFtZSA9IHByb3BzLmZpbGVuYW1lO1xuICB9XG5cbiAgcmVzb2x2ZSgpOiBBc3N1bWVSb2xlUGx1Z2luQ29uZmlnIHtcbiAgICBjb25zdCBmaWxlbmFtZSA9IHBhdGguam9pbih0aGlzLl93b3JraW5nRGlyZWN0b3J5LCB0aGlzLl9maWxlbmFtZSk7XG4gICAgaWYgKCFmcy5leGlzdHNTeW5jKGZpbGVuYW1lKSkge1xuICAgICAgcmV0dXJuIHt9O1xuICAgIH1cbiAgICB0cnkge1xuICAgICAgY29uc3QgcGtnID0gSlNPTi5wYXJzZShmcy5yZWFkRmlsZVN5bmMoZmlsZW5hbWUsIHRoaXMuX2VuY29kaW5nKSk7XG4gICAgICBjb25zdCB7IGNka0Fzc3VtZVJvbGVQbHVnaW4gfSA9IHBrZztcbiAgICAgIHJldHVybiBjZGtBc3N1bWVSb2xlUGx1Z2luO1xuICAgIH0gY2F0Y2ggKGUpIHtcbiAgICAgIGNvbnNvbGUubG9nKGBGYWlsZWQgdG8gcGFyc2UgZmlsZSAke3RoaXMuX2ZpbGVuYW1lfTogYCwgZS5tZXNzYWdlKTtcbiAgICB9XG4gICAgcmV0dXJuIHt9O1xuICB9XG59XG5cbi8vIFdpbGwgdXNlIGxvY2FsIHBhY2thZ2UuanNvbiBmb3IgbWFwcGluZyBhbiBhY2NvdW50bnVtYmVyIHRvIGEgbG9jYWwgcHJvZmlsZVxuZXhwb3J0IGNsYXNzIFBhY2thZ2VKc29uUHJvZmlsZU1hcHBlciBpbXBsZW1lbnRzIFByb2ZpbGVNYXBwZXIge1xuICByZXNvbHZlKCk6IEFzc3VtZVJvbGVQbHVnaW5Db25maWcge1xuICAgIHJldHVybiBuZXcgSnNvbkZpbGVQcm9maWxlTWFwcGVyKHtcbiAgICAgIHdvcmtpbmdEaXJlY3Rvcnk6IHByb2Nlc3MuY3dkKCksXG4gICAgICBmaWxlbmFtZTogJ3BhY2thZ2UuanNvbicsXG4gICAgfSkucmVzb2x2ZSgpO1xuICB9XG59XG5cbi8vIFdpbGwgZGVmYXVsdCB0byB+Ly5jZGthc3N1bWVyb2xlcGx1Z2luLmpzb24gYW5kIGNhbiBiZSBvdmVycmlkZW4gYnkgZW52aXJvbm1lbnQgdmFyaWFibGVcbi8vIENES19BU1NVTUVfUk9MRV9QTFVHSU5fQ09ORklHPS9wYXRoL3RvL2ZpbGUuanNvblxuZXhwb3J0IGNsYXNzIEVudmlyb25tZW50QXdhcmVHbG9iYWxQcm9maWxlTWFwcGVyIGltcGxlbWVudHMgUHJvZmlsZU1hcHBlciB7XG4gIHB1YmxpYyBzdGF0aWMgcmVhZG9ubHkgZW52aXJvbm1lbnRWYXJpYWJsZU5hbWUgPVxuICAgICdDREtfQVNTVU1FX1JPTEVfUExVR0lOX0NPTkZJRyc7XG4gIHByaXZhdGUgcmVhZG9ubHkgX2RlZmF1bHRHbG9iYWxDb25maWd1cmF0aW9uRmlsZSA9XG4gICAgJy5jZGthc3N1bWVyb2xlcGx1Z2luLmpzb24nO1xuICBwcml2YXRlIHJlYWRvbmx5IF93b3JraW5nRGlyZWN0b3J5OiBzdHJpbmc7XG4gIHByaXZhdGUgcmVhZG9ubHkgX2ZpbGVuYW1lOiBzdHJpbmc7XG5cbiAgY29uc3RydWN0b3IoKSB7XG4gICAgdGhpcy5fd29ya2luZ0RpcmVjdG9yeSA9IG9zLmhvbWVkaXIoKTtcbiAgICB0aGlzLl9maWxlbmFtZSA9IHRoaXMuX2RlZmF1bHRHbG9iYWxDb25maWd1cmF0aW9uRmlsZTtcbiAgICBjb25zdCBjb25maWdGaWxlTG9jYXRpb25PdmVycmlkZSA9XG4gICAgICBwcm9jZXNzLmVudltFbnZpcm9ubWVudEF3YXJlR2xvYmFsUHJvZmlsZU1hcHBlci5lbnZpcm9ubWVudFZhcmlhYmxlTmFtZV07XG4gICAgaWYgKGNvbmZpZ0ZpbGVMb2NhdGlvbk92ZXJyaWRlKSB7XG4gICAgICBjb25zdCBjb25maWdGaWxlID0gcGF0aC5wYXJzZShjb25maWdGaWxlTG9jYXRpb25PdmVycmlkZSk7XG4gICAgICB0aGlzLl93b3JraW5nRGlyZWN0b3J5ID0gY29uZmlnRmlsZS5kaXI7XG4gICAgICB0aGlzLl9maWxlbmFtZSA9IGNvbmZpZ0ZpbGUuYmFzZTtcbiAgICB9XG4gIH1cblxuICByZXNvbHZlKCk6IEFzc3VtZVJvbGVQbHVnaW5Db25maWcge1xuICAgIHJldHVybiBuZXcgSnNvbkZpbGVQcm9maWxlTWFwcGVyKHtcbiAgICAgIHdvcmtpbmdEaXJlY3Rvcnk6IHRoaXMuX3dvcmtpbmdEaXJlY3RvcnksXG4gICAgICBmaWxlbmFtZTogdGhpcy5fZmlsZW5hbWUsXG4gICAgfSkucmVzb2x2ZSgpO1xuICB9XG59XG5cbi8vIENhbiBiZSB1c2VkIGluIGxvY2FsIHByb2plY3QgZGlyZWN0b3J5LiBDYW4gYmUgYWRkZWQgb3IgaWdub3JlZCBieSB5b3VyIFZDU1xuZXhwb3J0IGNsYXNzIExvY2FsUHJvamVjdERpck1hcHBlciBpbXBsZW1lbnRzIFByb2ZpbGVNYXBwZXIge1xuICByZXNvbHZlKCk6IEFzc3VtZVJvbGVQbHVnaW5Db25maWcge1xuICAgIHJldHVybiBuZXcgSnNvbkZpbGVQcm9maWxlTWFwcGVyKHtcbiAgICAgIHdvcmtpbmdEaXJlY3Rvcnk6IHByb2Nlc3MuY3dkKCksXG4gICAgICBmaWxlbmFtZTogJ2Nka211bHRpcHJvZmlsZXBsdWdpbi5qc29uJyxcbiAgICB9KS5yZXNvbHZlKCk7XG4gIH1cbn1cblxuLy8gVXNlcyBhbGwgbWFwcGVycyBhbmQgYXBwbGllcyBwcmVjZWRlbmNlXG5leHBvcnQgY2xhc3MgUHJlY2VkZW5jZVByb2ZpbGVNYXBwZXIgaW1wbGVtZW50cyBQcm9maWxlTWFwcGVyIHtcbiAgcmVzb2x2ZSgpOiBBc3N1bWVSb2xlUGx1Z2luQ29uZmlnIHtcbiAgICAvLyBUZW1wb3JhcnkgaW4gb3JkZXIgdG8gZ2V0IGl0IHdvcmtpbmcgYWdhaW5cbiAgICBjb25zdCBwYWNrYWdlSnNvbk1hcHBpbmdzID0gbmV3IFBhY2thZ2VKc29uUHJvZmlsZU1hcHBlcigpLnJlc29sdmUoKTtcbiAgICBjb25zdCBwcm9qZWN0TG9jYWxNYXBwaW5ncyA9IG5ldyBMb2NhbFByb2plY3REaXJNYXBwZXIoKS5yZXNvbHZlKCk7XG4gICAgY29uc3QgZ2xvYmFsTWFwcGluZ3MgPSBuZXcgRW52aXJvbm1lbnRBd2FyZUdsb2JhbFByb2ZpbGVNYXBwZXIoKS5yZXNvbHZlKCk7XG4gICAgcmV0dXJuIHtcbiAgICAgIC4uLnBhY2thZ2VKc29uTWFwcGluZ3MsXG4gICAgICAuLi5wcm9qZWN0TG9jYWxNYXBwaW5ncyxcbiAgICAgIC4uLmdsb2JhbE1hcHBpbmdzLFxuICAgIH07XG4gIH1cbn1cbiJdfQ==