Skip to content

Commit

Permalink
🧹 improve the aws iam virtual mfa device resource
Browse files Browse the repository at this point in the history
  • Loading branch information
@vjeffrey
vjeffrey committed Aug 20, 2024
1 parent 948f78c commit 8f9ed74
Show file tree
Hide file tree
Showing 3 changed files with 39 additions and 3 deletions.
2 changes: 1 addition & 1 deletion providers/aws/resources/aws.lr
View file
Original file line number Diff line number Diff line change
Expand Up @@ -891,7 +891,7 @@ private aws.iam.virtualmfadevice @defaults("serialNumber") {
// Time when the MFA device was enabled
enableDate time
// User associated with the MFA device
user aws.iam.user
user() aws.iam.user
}

// AWS IAM Access Analyzer resource (for assessing the configuration of AWS IAM Access Analyzer)
Expand Down
16 changes: 14 additions & 2 deletions providers/aws/resources/aws.lr.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

24 changes: 24 additions & 0 deletions providers/aws/resources/aws_iam.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -330,11 +330,35 @@ func (a *mqlAwsIam) virtualMfaDevices() ([]interface{}, error) {
}

res = append(res, mqlAwsIamMfaDevice)
if device.User != nil {
mqlAwsIamMfaDevice.(*mqlAwsIamVirtualmfadevice).cacheUserArn = device.User.Arn
mqlAwsIamMfaDevice.(*mqlAwsIamVirtualmfadevice).cacheUserName = device.User.UserName
}
}

return res, nil
}

func (a *mqlAwsIamVirtualmfadevice) user() (*mqlAwsIamUser, error) {
if a.cacheUserArn != nil && a.cacheUserName != nil {
awsIamUser, err := NewResource(a.MqlRuntime, "aws.iam.user", map[string]*llx.RawData{
"arn": llx.StringDataPtr(a.cacheUserArn),
"name": llx.StringDataPtr(a.cacheUserName),
})
if err != nil {
return nil, err
}
return awsIamUser.(*mqlAwsIamUser), nil
}
a.User.State = plugin.StateIsNull
return nil, nil
}

type mqlAwsIamVirtualmfadeviceInternal struct {
cacheUserName *string
cacheUserArn *string
}

func (a *mqlAwsIam) mqlPolicies(policies []iamtypes.Policy) ([]interface{}, error) {
res := []interface{}{}
for i := range policies {
Expand Down

0 comments on commit 8f9ed74

Please sign in to comment.