Parse AWS ARNs in Clojure
Switch branches/tags
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
scripts
src/aws_arn
test/aws_arn
.gitignore
.travis.yml
CONTRIBUTING.org
LICENSE
README.org
RELEASING.org
project.clj

README.org

aws-arn

https://travis-ci.org/skybet/aws-arn.svg?branch=master

Parse AWS ARNs into useful information.

https://clojars.org/aws-arn/latest-version.svg

AWS have documented the structure of their ARNs. This simple library parses these known ARN structures into a map of ARN components.

Why?

ARN parsing is useful with provisioning tools, because ARNs encode all the information necessary to refer to an AWS resource.

As an example, provisioning a Lambda function that puts items into a DynamoDB table requires that you know:

  • the table ARN, to grant permissions
  • the table region and name, to construct the put item API calls

You could pass all three separately as parameters into your provisioning solution, or you can just pass the ARN and have you Lambda function parse it to obtain the table name and region.

Usage Notes

  • passing nil as the ARN returns nil
  • all keys will be present in the output map, missing values will be represented by nil

Examples

AWS documentation is the source for these examples.

(require [aws-arn.core :refer [parse-arn]])

;; IAM is a global service, no region in ARN
(parse-arn "arn:aws:iam::123456789012:user/David")
#_{:partition "aws",
   :service "iam",
   :region nil,
   :account-id "123456789012",
   :resource-type "user",
   :resource "David"}

;; Elastic Beanstalk ARN, note the forward slash in the resource
(parse-arn "arn:aws:elasticbeanstalk:us-east-1:123456789012:environment/My App/MyEnvironment")
#_{:partition "aws",
   :service "elasticbeanstalk",
   :region "us-east-1",
   :account-id "123456789012",
   :resource-type "environment",
   :resource "My App/MyEnvironment"}

;; Parse an RDS ARN
(parse-arn "arn:aws:rds:eu-west-1:123456789012:db:mysql-db")
#_{:partition "aws",
 :service "rds",
 :region "eu-west-1",
 :account-id "123456789012",
 :resource-type "db",
 :resource "mysql-db"}

;; Parse an S3 ARN, no region or account
(parse-arn "arn:aws:s3:::my_corporate_bucket/exampleobject.png")
#_{:partition "aws",
   :service "s3",
   :region nil,
   :account-id nil,
   :resource-type "my_corporate_bucket",
   :resource "exampleobject.png"}