UNPKG

cdk-assume-role-plugin

Version:

Adds assume role and mfa support to cdk apps

github.com/hupe1980/cdk-multi-profile-plugin

hupe1980/cdk-multi-profile-plugin

51 lines 7.12 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
"use strict"; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.TemporaryCredentialProviderSource = void 0; const safe_1 = require("colors/safe"); const lodash_isempty_1 = __importDefault(require("lodash.isempty")); const aws_sdk_1 = require("aws-sdk"); const aws_cdk_1 = require("aws-cdk"); const utils_1 = require("./utils"); const profile_credentials_cache_1 = require("./profile-credentials-cache"); const profileCredentialsCache = new profile_credentials_cache_1.ProfileCredentialsCache(); class TemporaryCredentialProviderSource { constructor(name, profile, roles, filename) { this.name = name; this.profile = profile; this.roles = roles; this.filename = filename; } canProvideCredentials(accountId) { return Promise.resolve(Object.prototype.hasOwnProperty.call(this.roles, accountId)); } getProvider(accountId, mode) { const roleArn = `arn:aws:iam::${accountId}:role/${this.roles[accountId]}`; console.log('\n'); console.log(` 🚀 Using role ${safe_1.green(roleArn)} for account ${safe_1.green(accountId)} in mode ${safe_1.green(aws_cdk_1.Mode[mode])}`); console.log('\n'); let masterCredentials = profileCredentialsCache.get(this.profile); if (!masterCredentials) { masterCredentials = new aws_sdk_1.SharedIniFileCredentials({ tokenCodeFn: utils_1.tokenCodeFn, filename: this.filename, profile: this.profile, }); profileCredentialsCache.set(this.profile, masterCredentials); } const credentials = new aws_sdk_1.TemporaryCredentials({ RoleArn: roleArn, RoleSessionName: 'cdk-assume-role-plugin', }, masterCredentials); return Promise.resolve(credentials); } isAvailable() { if (this.filename && !lodash_isempty_1.default(this.roles)) return Promise.resolve(true); return Promise.resolve(false); } } exports.TemporaryCredentialProviderSource = TemporaryCredentialProviderSource; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoidGVtcG9yYXJ5LWNyZWRlbnRpYWwtcHJvdmlkZXItc291cmNlLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vc3JjL3RlbXBvcmFyeS1jcmVkZW50aWFsLXByb3ZpZGVyLXNvdXJjZS50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiOzs7Ozs7QUFBQSxzQ0FBb0M7QUFDcEMsb0VBQXFDO0FBQ3JDLHFDQUlpQjtBQUNqQixxQ0FBeUQ7QUFFekQsbUNBQXNDO0FBQ3RDLDJFQUFzRTtBQUV0RSxNQUFNLHVCQUF1QixHQUFHLElBQUksbURBQXVCLEVBQUUsQ0FBQztBQUU5RCxNQUFhLGlDQUFpQztJQUU1QyxZQUNrQixJQUFZLEVBQ1gsT0FBZSxFQUNmLEtBQTZCLEVBQzdCLFFBQWdCO1FBSGpCLFNBQUksR0FBSixJQUFJLENBQVE7UUFDWCxZQUFPLEdBQVAsT0FBTyxDQUFRO1FBQ2YsVUFBSyxHQUFMLEtBQUssQ0FBd0I7UUFDN0IsYUFBUSxHQUFSLFFBQVEsQ0FBUTtJQUNoQyxDQUFDO0lBRUcscUJBQXFCLENBQUMsU0FBaUI7UUFDNUMsT0FBTyxPQUFPLENBQUMsT0FBTyxDQUNwQixNQUFNLENBQUMsU0FBUyxDQUFDLGNBQWMsQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEtBQUssRUFBRSxTQUFTLENBQUMsQ0FDNUQsQ0FBQztJQUNKLENBQUM7SUFFTSxXQUFXLENBQUMsU0FBaUIsRUFBRSxJQUFVO1FBQzlDLE1BQU0sT0FBTyxHQUFHLGdCQUFnQixTQUFTLFNBQVMsSUFBSSxDQUFDLEtBQUssQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDO1FBRTFFLE9BQU8sQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUM7UUFDbEIsT0FBTyxDQUFDLEdBQUcsQ0FDVCxtQkFBbUIsWUFBSyxDQUFDLE9BQU8sQ0FBQyxnQkFBZ0IsWUFBSyxDQUNwRCxTQUFTLENBQ1YsWUFBWSxZQUFLLENBQUMsY0FBSSxDQUFDLElBQUksQ0FBQyxDQUFDLEVBQUUsQ0FDakMsQ0FBQztRQUNGLE9BQU8sQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLENBQUM7UUFFbEIsSUFBSSxpQkFBaUIsR0FBRyx1QkFBdUIsQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBRWxFLElBQUksQ0FBQyxpQkFBaUIsRUFBRTtZQUN0QixpQkFBaUIsR0FBRyxJQUFJLGtDQUF3QixDQUFDO2dCQUMvQyxXQUFXLEVBQVgsbUJBQVc7Z0JBQ1gsUUFBUSxFQUFFLElBQUksQ0FBQyxRQUFRO2dCQUN2QixPQUFPLEVBQUUsSUFBSSxDQUFDLE9BQU87YUFDdEIsQ0FBQyxDQUFDO1lBRUgsdUJBQXVCLENBQUMsR0FBRyxDQUFDLElBQUksQ0FBQyxPQUFPLEVBQUUsaUJBQWlCLENBQUMsQ0FBQztTQUM5RDtRQUVELE1BQU0sV0FBVyxHQUFHLElBQUksOEJBQW9CLENBQzFDO1lBQ0UsT0FBTyxFQUFFLE9BQU87WUFDaEIsZUFBZSxFQUFFLHdCQUF3QjtTQUMxQyxFQUNELGlCQUFpQixDQUNsQixDQUFDO1FBRUYsT0FBTyxPQUFPLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxDQUFDO0lBQ3RDLENBQUM7SUFFTSxXQUFXO1FBQ2hCLElBQUksSUFBSSxDQUFDLFFBQVEsSUFBSSxDQUFDLHdCQUFPLENBQUMsSUFBSSxDQUFDLEtBQUssQ0FBQztZQUFFLE9BQU8sT0FBTyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUMsQ0FBQztRQUV4RSxPQUFPLE9BQU8sQ0FBQyxPQUFPLENBQUMsS0FBSyxDQUFDLENBQUM7SUFDaEMsQ0FBQztDQUNGO0FBdERELDhFQXNEQyIsInNvdXJjZXNDb250ZW50IjpbImltcG9ydCB7IGdyZWVuIH0gZnJvbSAnY29sb3JzL3NhZmUnO1xuaW1wb3J0IGlzRW1wdHkgZnJvbSAnbG9kYXNoLmlzZW1wdHknO1xuaW1wb3J0IHtcbiAgU2hhcmVkSW5pRmlsZUNyZWRlbnRpYWxzLFxuICBDcmVkZW50aWFscyxcbiAgVGVtcG9yYXJ5Q3JlZGVudGlhbHMsXG59IGZyb20gJ2F3cy1zZGsnO1xuaW1wb3J0IHsgQ3JlZGVudGlhbFByb3ZpZGVyU291cmNlLCBNb2RlIH0gZnJvbSAnYXdzLWNkayc7XG5cbmltcG9ydCB7IHRva2VuQ29kZUZuIH0gZnJvbSAnLi91dGlscyc7XG5pbXBvcnQgeyBQcm9maWxlQ3JlZGVudGlhbHNDYWNoZSB9IGZyb20gJy4vcHJvZmlsZS1jcmVkZW50aWFscy1jYWNoZSc7XG5cbmNvbnN0IHByb2ZpbGVDcmVkZW50aWFsc0NhY2hlID0gbmV3IFByb2ZpbGVDcmVkZW50aWFsc0NhY2hlKCk7XG5cbmV4cG9ydCBjbGFzcyBUZW1wb3JhcnlDcmVkZW50aWFsUHJvdmlkZXJTb3VyY2VcbiAgaW1wbGVtZW50cyBDcmVkZW50aWFsUHJvdmlkZXJTb3VyY2Uge1xuICBjb25zdHJ1Y3RvcihcbiAgICBwdWJsaWMgcmVhZG9ubHkgbmFtZTogc3RyaW5nLFxuICAgIHByaXZhdGUgcmVhZG9ubHkgcHJvZmlsZTogc3RyaW5nLFxuICAgIHByaXZhdGUgcmVhZG9ubHkgcm9sZXM6IFJlY29yZDxzdHJpbmcsIHN0cmluZz4sXG4gICAgcHJpdmF0ZSByZWFkb25seSBmaWxlbmFtZTogc3RyaW5nLFxuICApIHt9XG5cbiAgcHVibGljIGNhblByb3ZpZGVDcmVkZW50aWFscyhhY2NvdW50SWQ6IHN0cmluZyk6IFByb21pc2U8Ym9vbGVhbj4ge1xuICAgIHJldHVybiBQcm9taXNlLnJlc29sdmUoXG4gICAgICBPYmplY3QucHJvdG90eXBlLmhhc093blByb3BlcnR5LmNhbGwodGhpcy5yb2xlcywgYWNjb3VudElkKSxcbiAgICApO1xuICB9XG5cbiAgcHVibGljIGdldFByb3ZpZGVyKGFjY291bnRJZDogc3RyaW5nLCBtb2RlOiBNb2RlKTogUHJvbWlzZTxDcmVkZW50aWFscz4ge1xuICAgIGNvbnN0IHJvbGVBcm4gPSBgYXJuOmF3czppYW06OiR7YWNjb3VudElkfTpyb2xlLyR7dGhpcy5yb2xlc1thY2NvdW50SWRdfWA7XG5cbiAgICBjb25zb2xlLmxvZygnXFxuJyk7XG4gICAgY29uc29sZS5sb2coXG4gICAgICBgIPCfmoAgIFVzaW5nIHJvbGUgJHtncmVlbihyb2xlQXJuKX0gZm9yIGFjY291bnQgJHtncmVlbihcbiAgICAgICAgYWNjb3VudElkLFxuICAgICAgKX0gaW4gbW9kZSAke2dyZWVuKE1vZGVbbW9kZV0pfWAsXG4gICAgKTtcbiAgICBjb25zb2xlLmxvZygnXFxuJyk7XG5cbiAgICBsZXQgbWFzdGVyQ3JlZGVudGlhbHMgPSBwcm9maWxlQ3JlZGVudGlhbHNDYWNoZS5nZXQodGhpcy5wcm9maWxlKTtcblxuICAgIGlmICghbWFzdGVyQ3JlZGVudGlhbHMpIHtcbiAgICAgIG1hc3RlckNyZWRlbnRpYWxzID0gbmV3IFNoYXJlZEluaUZpbGVDcmVkZW50aWFscyh7XG4gICAgICAgIHRva2VuQ29kZUZuLFxuICAgICAgICBmaWxlbmFtZTogdGhpcy5maWxlbmFtZSxcbiAgICAgICAgcHJvZmlsZTogdGhpcy5wcm9maWxlLFxuICAgICAgfSk7XG5cbiAgICAgIHByb2ZpbGVDcmVkZW50aWFsc0NhY2hlLnNldCh0aGlzLnByb2ZpbGUsIG1hc3RlckNyZWRlbnRpYWxzKTtcbiAgICB9XG5cbiAgICBjb25zdCBjcmVkZW50aWFscyA9IG5ldyBUZW1wb3JhcnlDcmVkZW50aWFscyhcbiAgICAgIHtcbiAgICAgICAgUm9sZUFybjogcm9sZUFybixcbiAgICAgICAgUm9sZVNlc3Npb25OYW1lOiAnY2RrLWFzc3VtZS1yb2xlLXBsdWdpbicsXG4gICAgICB9LFxuICAgICAgbWFzdGVyQ3JlZGVudGlhbHMsXG4gICAgKTtcblxuICAgIHJldHVybiBQcm9taXNlLnJlc29sdmUoY3JlZGVudGlhbHMpO1xuICB9XG5cbiAgcHVibGljIGlzQXZhaWxhYmxlKCk6IFByb21pc2U8Ym9vbGVhbj4ge1xuICAgIGlmICh0aGlzLmZpbGVuYW1lICYmICFpc0VtcHR5KHRoaXMucm9sZXMpKSByZXR1cm4gUHJvbWlzZS5yZXNvbHZlKHRydWUpO1xuXG4gICAgcmV0dXJuIFByb21pc2UucmVzb2x2ZShmYWxzZSk7XG4gIH1cbn1cbiJdfQ==