Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
41b5c3d
commit 9c20286
Showing
4 changed files
with
97 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,4 +1,4 @@ | ||
rbiam_version:= v0.2 | ||
rbiam_version:= v0.3 | ||
|
||
.PHONY: build | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
package main | ||
|
||
import ( | ||
"encoding/json" | ||
"fmt" | ||
"io/ioutil" | ||
"strings" | ||
"time" | ||
) | ||
|
||
// exportRaw exports the trace as a raw dump in JSON format into a file | ||
// in the current working directory with a name of 'rbiam-trace-NNNNNNNNNN' with | ||
// the NNNNNNNNNN being the Unix timestamp of the creation time, for example: | ||
// rbiam-trace-1564315687.json | ||
func exportRaw(trace []string, ag *AccessGraph) (string, error) { | ||
dump := "" | ||
for _, item := range trace { | ||
itype := strings.TrimPrefix(strings.Split(item, "]")[0], "[") | ||
ikey := strings.TrimSpace(strings.Split(item, "]")[1]) | ||
switch itype { | ||
case "IAM role": | ||
b, err := json.Marshal(ag.Roles[ikey]) | ||
if err != nil { | ||
return "", err | ||
} | ||
dump = fmt.Sprintf("%v\n%v", dump, string(b)) | ||
case "IAM policy": | ||
b, err := json.Marshal(ag.Policies[ikey]) | ||
if err != nil { | ||
return "", err | ||
} | ||
dump = fmt.Sprintf("%v\n%v", dump, string(b)) | ||
case "Kubernetes service account": | ||
b, err := json.Marshal(ag.ServiceAccounts[ikey]) | ||
if err != nil { | ||
return "", err | ||
} | ||
dump = fmt.Sprintf("%v\n%v", dump, string(b)) | ||
case "Kubernetes secret": | ||
b, err := json.Marshal(ag.Secrets[ikey]) | ||
if err != nil { | ||
return "", err | ||
} | ||
dump = fmt.Sprintf("%v\n%v", dump, string(b)) | ||
case "Kubernetes pod": | ||
b, err := json.Marshal(ag.Pods[ikey]) | ||
if err != nil { | ||
return "", err | ||
} | ||
dump = fmt.Sprintf("%v\n%v", dump, string(b)) | ||
} | ||
} | ||
|
||
filename := fmt.Sprintf("rbiam-trace-%v.json", time.Now().Unix()) | ||
err := ioutil.WriteFile(filename, []byte(dump), 0644) | ||
if err != nil { | ||
return "", err | ||
} | ||
return filename, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters