package utils
import (
"context"
"strings"
"unicode/utf8"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/cloudtrail"
ctypes "github.com/aws/aws-sdk-go-v2/service/cloudtrail/types"
"github.com/google/uuid"
"github.com/guessi/cloudtrail-cli/pkg/types"
)
// isValidUUID reports whether u is accepted by uuid.Parse.
func isValidUUID(u string) bool {
	if _, err := uuid.Parse(u); err != nil {
		return false
	}
	return true
}
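// truncateString shortens input to at most maxLength bytes when truncate is
// set, and returns input unchanged otherwise.
//
// The cut never lands inside a multi-byte UTF-8 sequence: if byte maxLength is
// a continuation byte, the cut moves back to the start of that rune, so the
// result can be shorter than maxLength but never longer. A negative maxLength
// is treated as "no limit" instead of slicing with a negative index.
//
// Event fields rendered through this helper can carry arbitrary bytes, so the
// function must not panic or widen its output on malformed or multi-byte
// input. Input that is already invalid UTF-8 is shortened on a best-effort
// basis and is not repaired.
func truncateString(truncate bool, input string, maxLength int) string {
	if !truncate || maxLength < 0 || len(input) <= maxLength {
		return input
	}

	// len(input) > maxLength here, so input[cut] is always in range.
	cut := maxLength
	for cut > 0 && !utf8.RuneStart(input[cut]) {
		cut--
	}
	return input[:cut]
}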
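// getDisplayUserName picks the name to display for a CloudTrail user identity.
//
// IAMUser and WebIdentityUser identities are shown by their UserName.
// AssumedRole identities are shown by the third "/"-separated segment of the
// ARN; for the expected shape
// arn:aws:sts::<account>:assumed-role/<role>/<session> that is the session
// name. Every other identity type yields "-", and so does an AssumedRole ARN
// with fewer than three segments, where indexing segment 2 would otherwise
// panic.
//
// NOTE(review): the session segment is typically supplied by the caller of
// AssumeRole, so treat it as a display label rather than a verified principal
// name when attributing activity.
func getDisplayUserName(u types.UserIdentity) string {
	const unknown = "-"

	switch u.Type {
	case "IAMUser", "WebIdentityUser":
		return u.UserName
	case "AssumedRole":
		// Guard the index: a missing or unexpected ARN must not crash the
		// whole listing.
		if segments := strings.Split(u.Arn, "/"); len(segments) > 2 {
			return segments[2]
		}
		return unknown
	default:
		return unknown
	}
}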
// getBatchSize returns a pointer to the page size to request: i when it lies
// in the range 1..50, and 50 for every other value.
func getBatchSize(i int) *int32 {
	const defaultBatchSize = 50

	size := int32(defaultBatchSize)
	if i >= 1 && i <= defaultBatchSize {
		size = int32(i)
	}
	return &size
}
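// LookupEvents pages through CloudTrail LookupEvents results for input and
// returns at most maxResults events.
//
// Paging stops as soon as maxResults events have been collected, so a page is
// no longer fetched just to be discarded when the count is reached exactly. A
// negative maxResults is treated as zero instead of producing a negative slice
// bound. If any page request fails, the error is returned as-is and events
// collected from earlier pages are dropped.
//
// A result holding exactly maxResults events may have been cut short; callers
// reviewing activity should not read it as the complete set of matching
// events.
func LookupEvents(ctx context.Context, svc *cloudtrail.Client, input *cloudtrail.LookupEventsInput, maxResults int) ([]ctypes.Event, error) {
	if maxResults < 0 {
		maxResults = 0
	}

	var events []ctypes.Event

	paginator := cloudtrail.NewLookupEventsPaginator(svc, input)
	for paginator.HasMorePages() {
		out, err := paginator.NextPage(ctx)
		if err != nil {
			return nil, err
		}
		events = append(events, out.Events...)
		if len(events) >= maxResults {
			break
		}
	}

	// The last page may overshoot the cap; trim to the requested size.
	if len(events) > maxResults {
		events = events[:maxResults]
	}
	return events, nil
}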
// composeLookupAttributesInput builds the lookup attribute list from the
// supplied filter values, in this order: event ID, event name, read-only flag,
// user name, event source, access key ID. The result is never nil.
//
// A filter is only included when its value passes a local check:
//   - eventId must be accepted by isValidUUID;
//   - eventName and userName must be non-empty;
//   - readOnly and noReadOnly must differ ("true" for readOnly, "false" for
//     noReadOnly); when both are set or both unset, no read-only filter is added;
//   - eventSource must end in ".amazonaws.com" and be longer than that suffix;
//   - accessKeyId must be exactly 20 bytes long.
//
// A value that fails its check is dropped without any error, so the resulting
// query is broader than what was asked for. When searching for activity by a
// specific access key or event ID, a mistyped value therefore returns
// unfiltered events rather than an empty result.
//
// NOTE(review): the CloudTrail LookupEvents API documentation states that the
// attribute list can currently contain only one item; confirm how callers
// handle several filters being set at once.
func composeLookupAttributesInput(eventId, eventName string, readOnly, noReadOnly bool, userName, eventSource, accessKeyId string) []ctypes.LookupAttribute {
	const (
		eventSourceSuffix = ".amazonaws.com"
		accessKeyIDLength = 20
	)

	attrs := []ctypes.LookupAttribute{}

	// Event ID: only well-formed UUIDs are forwarded.
	if isValidUUID(eventId) {
		attrs = append(attrs, ctypes.LookupAttribute{
			AttributeKey:   ctypes.LookupAttributeKeyEventId,
			AttributeValue: aws.String(eventId),
		})
	}

	// Event name.
	if eventName != "" {
		attrs = append(attrs, ctypes.LookupAttribute{
			AttributeKey:   ctypes.LookupAttributeKeyEventName,
			AttributeValue: aws.String(eventName),
		})
	}

	// Read-only: applied only when exactly one of the two flags is set.
	switch {
	case readOnly && !noReadOnly:
		attrs = append(attrs, ctypes.LookupAttribute{
			AttributeKey:   ctypes.LookupAttributeKeyReadOnly,
			AttributeValue: aws.String("true"),
		})
	case noReadOnly && !readOnly:
		attrs = append(attrs, ctypes.LookupAttribute{
			AttributeKey:   ctypes.LookupAttributeKeyReadOnly,
			AttributeValue: aws.String("false"),
		})
	}

	// User name.
	if userName != "" {
		attrs = append(attrs, ctypes.LookupAttribute{
			AttributeKey:   ctypes.LookupAttributeKeyUsername,
			AttributeValue: aws.String(userName),
		})
	}

	// Event source: must be "<something>.amazonaws.com".
	if len(eventSource) > len(eventSourceSuffix) && strings.HasSuffix(eventSource, eventSourceSuffix) {
		attrs = append(attrs, ctypes.LookupAttribute{
			AttributeKey:   ctypes.LookupAttributeKeyEventSource,
			AttributeValue: aws.String(eventSource),
		})
	}

	// Access key ID: length check only; the content is not inspected.
	if len(accessKeyId) == accessKeyIDLength {
		attrs = append(attrs, ctypes.LookupAttribute{
			AttributeKey:   ctypes.LookupAttributeKeyAccessKeyId,
			AttributeValue: aws.String(accessKeyId),
		})
	}

	return attrs
}