-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(iam): add delete access key action and refactor
Signed-off-by: Derek Smith <dsmith@goodwaygroup.com>
- Loading branch information
Showing
7 changed files
with
243 additions
and
159 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,132 @@ | ||
package iam | ||
|
||
import ( | ||
"fmt" | ||
"strings" | ||
|
||
"github.com/AlecAivazis/survey/v2" | ||
"github.com/kyokomi/emoji/v2" | ||
"github.com/thoas/go-funk" | ||
"github.com/urfave/cli/v2" | ||
) | ||
|
||
// determineCheck converts threshold units to hours | ||
func determineCheck(threshold int64, units string) (check int64) { | ||
switch units { | ||
case "hours": | ||
check = threshold | ||
case "days": | ||
check = threshold * 24 | ||
case "weeks": | ||
check = threshold * 7 * 24 | ||
case "months": | ||
check = threshold * 30 * 24 | ||
default: | ||
// days | ||
check = threshold * 24 | ||
} | ||
return | ||
} | ||
|
||
// keyActions determines which action to run based on CLI parameters | ||
func keyActions(c *cli.Context) error { | ||
units := strings.ToLower(c.String("units")) | ||
allowedFilters := []string{"", "hours", "days", "weeks", "months"} | ||
if !funk.ContainsString(allowedFilters, units) { | ||
return cli.Exit(fmt.Sprintf("Invalid value for units. Must be one of: %v", allowedFilters), 3) | ||
} | ||
|
||
threshold := c.Int64("threshold") | ||
check := determineCheck(threshold, units) | ||
|
||
users, err := getAllUsers(&buildUserDataOptions{ | ||
checkConsoleAccess: false, | ||
getPermissions: false, | ||
getAccessKeys: true, | ||
}) | ||
if err != nil { | ||
return cli.Exit(err, 2) | ||
} | ||
|
||
var toAction []*AccessKey | ||
command := c.Command.Name | ||
for _, user := range users { | ||
for _, key := range user.accessKeys { | ||
switch command { | ||
case "deactivate": | ||
if markToDeactivate(key, check) { | ||
toAction = append(toAction, key) | ||
} | ||
case "delete": | ||
if markToDelete(key, check) { | ||
toAction = append(toAction, key) | ||
} | ||
case "unused": | ||
if markAsNeverUsed(key) { | ||
toAction = append(toAction, key) | ||
} | ||
case "recent": | ||
if markAsRecentlyUsed(key, check) { | ||
toAction = append(toAction, key) | ||
} | ||
} | ||
} | ||
} | ||
|
||
if len(toAction) == 0 { | ||
fmt.Println(emoji.Sprint(":check_mark_button: No Access Keys qualify.")) | ||
return nil | ||
} | ||
|
||
switch command { | ||
case "deactivate": | ||
fmt.Println(emoji.Sprintf(":warning: Found %d Access Keys that qualify for deactivation :warning:", len(toAction))) | ||
renderUserAccessKeys(toAction, "name") | ||
case "delete": | ||
fmt.Println(emoji.Sprintf(":warning: Found %d Access Keys that qualify for deletion :warning:", len(toAction))) | ||
renderUserAccessKeys(toAction, "name") | ||
case "unused": | ||
fmt.Println(emoji.Sprintf(":doughnut: Found %d Access Keys that have NEVER been used :coffee:", len(toAction))) | ||
renderUserAccessKeys(toAction, "created") | ||
case "recent": | ||
fmt.Println(emoji.Sprintf(":peacock: Found %d Access Keys used in the last %d %s :whale:", len(toAction), threshold, units)) | ||
renderUserAccessKeys(toAction, "activity") | ||
} | ||
|
||
switch command { | ||
case "deactivate": | ||
takeAction := false | ||
p := &survey.Confirm{ | ||
Message: "Deactivate Keys?", | ||
} | ||
err = survey.AskOne(p, &takeAction) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
if takeAction { | ||
err = actionOnUserAccessKey(toAction, "DEACTIVATE") | ||
if err != nil { | ||
return err | ||
} | ||
} | ||
case "delete": | ||
takeAction := false | ||
p := &survey.Confirm{ | ||
Message: "Delete Keys?", | ||
} | ||
err = survey.AskOne(p, &takeAction) | ||
if err != nil { | ||
return err | ||
} | ||
|
||
if takeAction { | ||
err = actionOnUserAccessKey(toAction, "DELETE") | ||
if err != nil { | ||
return err | ||
} | ||
} | ||
} | ||
|
||
return nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,26 @@ | ||
package iam | ||
|
||
import ( | ||
"testing" | ||
|
||
"github.com/stretchr/testify/assert" | ||
) | ||
|
||
func Test_determineCheck(t *testing.T) { | ||
is := assert.New(t) | ||
tests := []struct { | ||
threshold int64 | ||
units string | ||
want int64 | ||
}{ | ||
{threshold: 1, units: "hours", want: 1}, | ||
{threshold: 1, units: "days", want: 24}, | ||
{threshold: 1, units: "weeks", want: 168}, | ||
{threshold: 1, units: "months", want: 720}, | ||
{threshold: 1, units: "", want: 24}, | ||
} | ||
|
||
for _, tc := range tests { | ||
is.Equal(tc.want, determineCheck(tc.threshold, tc.units)) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.