awspolicy

package module
v0.1.1
Published: Apr 19, 2024 License: GPL-3.0 Imports: 8 Imported by: 0

README

AWS-Policy

AWS has an amazing SDK for Go with all API function outputs typed, and it works like clockwork ... until IAM policy documents appear.

AWS describes the policy document in the SDK (GetPolicyVersion function) as follows, verbatim: "The policy document returned in this structure is URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986)".

In practice, it is raw data, and parsing is difficult because its structure depends on the policy and not all fields always appear.
To achieve this I have used golang generics and it seems to work pretty well.
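
The two problems described above (a percent-encoded document whose fields change shape) shown as an added Go example; it is not this package's code. The names `oneOrMany`, `stmt`, `doc` and `decodePolicy` are hypothetical, the policy in `main` is constructed, and the example relies on the IAM policy grammar allowing `Statement`, `Action` and `Resource` to be either a single value or an array.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/url"
)

// oneOrMany decodes a JSON value that IAM accepts as either X or [X, ...].
type oneOrMany[T any] []T

func (o *oneOrMany[T]) UnmarshalJSON(b []byte) error {
	var many []T
	if err := json.Unmarshal(b, &many); err == nil {
		*o = many
		return nil
	}
	var one T // not an array: retry as a single value
	if err := json.Unmarshal(b, &one); err != nil {
		return err
	}
	*o = []T{one}
	return nil
}

// stmt and doc are hypothetical, trimmed-down types for this example only.
type stmt struct {
	Effect   string            `json:"Effect"`
	Action   oneOrMany[string] `json:"Action"`
	Resource oneOrMany[string] `json:"Resource"`
}
type doc struct {
	Statement oneOrMany[stmt] `json:"Statement"`
}

// decodePolicy percent-decodes (RFC 3986) and then parses a policy document.
func decodePolicy(encoded string) (d doc, err error) {
	raw, err := url.PathUnescape(encoded) // unlike QueryUnescape, leaves '+' alone
	if err == nil {
		err = json.Unmarshal([]byte(raw), &d)
	}
	return d, err
}

func main() {
	// Constructed sample: single-object Statement with a bare-string Action.
	enc := url.PathEscape(`{"Version":"2012-10-17","Statement":{"Effect":"Allow","Action":"s3:*","Resource":["arn:aws:s3:::a"]}}`)
	d, err := decodePolicy(enc)
	fmt.Printf("%+v %v\n", d, err)
}
```

Normalizing every field to a slice means later checks, such as looking for `Allow` statements with `*` actions, do not need a separate code path for each shape.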

Issues


Feel free to submit issues and enhancement requests.

Please fork this project and open a PR to submit it.

Documentation

Overview

Package policy provides a custom function to unmarshal AWS policies.

Types

type Policy

type Policy struct {
	Version    string      `json:"Version"`
	ID         string      `json:"-"`
	Statements []Statement `json:"Statement"`
}

Policy represents an AWS IAM policy document

func GetAWSPolicy

func GetAWSPolicy(ctx context.Context, svc *iam.IAM, policyArn string) (*Policy, error)

GetAWSPolicy retrieves an AWS policy by its ARN.

func Merge

func Merge(name string, version string, policies []*Policy) *Policy

Merge merges multiple policies into a single policy.

func Split

func Split(policy *Policy, limit int) []*Policy

Split splits a policy into multiple policies with a size limit.

func (*Policy) UnmarshalJSON

func (policyJSON *Policy) UnmarshalJSON(policy []byte) error

UnmarshalJSON decodes input JSON into the awsPolicy type

type Statement

type Statement struct {
	StatementID  string              `json:"Sid,omitempty"`          // Statement ID, service specific
	Effect       string              `json:"Effect"`                 // Allow or Deny
	Principal    map[string][]string `json:"Principal,omitempty"`    // principal that is allowed or denied
	NotPrincipal map[string][]string `json:"NotPrincipal,omitempty"` // exception to a list of principals
	Action       []string            `json:"Action"`                 // allowed or denied action
	NotAction    []string            `json:"NotAction,omitempty"`    // matches everything except
	Resource     []string            `json:"Resource,omitempty"`     // object or objects that the statement covers
	NotResource  []string            `json:"NotResource,omitempty"`  // matches everything except
	Condition    map[string]any      `json:"Condition,omitempty"`    // conditions for when a policy is in effect
}

Statement represents the body of an AWS IAM policy document

func (*Statement) Parse

func (statementJSON *Statement) Parse(statement map[string]interface{})

Parse decodes input JSON into the Statement type
