Skip to content

Commit e7c51e1

Browse files
disqdisq
authored
feat: Provide a decoded policy document field inside aws_iam_policies.policy_version_list (#2020)
~This PR adds a `DecodedDocument *string` field inside the `policy_version_list []types.PolicyVersion` field.~ [PolicyVersion type](https://docs.aws.amazon.com/IAM/latest/APIReference/API_PolicyVersion.html) includes an URL-encoded policy document, which is no use to run policies with. The alternative is [this](c071944) which is extra slow.
1 parent d378672 commit e7c51e1

3 files changed

Lines changed: 24 additions & 6 deletions

File tree

plugins/source/aws/codegen/recipes/iam.go

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -187,7 +187,7 @@ func IAMResources() []*Resource {
187187
{
188188
SubService: "policies",
189189
Struct: &types.ManagedPolicyDetail{},
190-
SkipFields: []string{"PolicyId", "Tags"},
190+
SkipFields: []string{"PolicyId", "Tags", "PolicyVersionList"},
191191
ExtraColumns: []codegen.ColumnDefinition{
192192
{
193193
Name: "account_id",
@@ -206,6 +206,11 @@ func IAMResources() []*Resource {
206206
Type: schema.TypeJSON,
207207
Resolver: `resolveIamPolicyTags`,
208208
},
209+
{
210+
Name: "policy_version_list",
211+
Type: schema.TypeJSON,
212+
Resolver: `resolveIamPolicyVersionList`,
213+
},
209214
},
210215
},
211216
{

plugins/source/aws/resources/services/iam/policies.go

Lines changed: 5 additions & 5 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

plugins/source/aws/resources/services/iam/policies_fetch.go

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,7 @@ package iam
22

33
import (
44
"context"
5+
"net/url"
56

67
"github.com/aws/aws-sdk-go-v2/aws"
78
"github.com/aws/aws-sdk-go-v2/service/iam"
@@ -41,3 +42,15 @@ func resolveIamPolicyTags(ctx context.Context, meta schema.ClientMeta, resource
4142
}
4243
return resource.Set("tags", client.TagsToMap(response.Tags))
4344
}
45+
46+
func resolveIamPolicyVersionList(ctx context.Context, meta schema.ClientMeta, resource *schema.Resource, c schema.Column) error {
47+
r := resource.Item.(types.ManagedPolicyDetail)
48+
for i := range r.PolicyVersionList {
49+
if v, err := url.PathUnescape(aws.ToString(r.PolicyVersionList[i].Document)); err == nil {
50+
r.PolicyVersionList[i].Document = &v
51+
} else {
52+
meta.Logger().Warn().Err(err).Str("policy_id", aws.ToString(r.PolicyId)).Msg("Failed to unescape policy document, leaving as-is")
53+
}
54+
}
55+
return resource.Set(c.Name, r.PolicyVersionList)
56+
}

0 commit comments

Comments
 (0)