Merge pull request #319 from ekristen/iam-user

feat(iam-user): add new properties
ekristen · Sep 26, 2024 · ca740fa · ca740fa
2 parents 8b63225 + b225042
commit ca740fa
Show file tree

Hide file tree

Showing 3 changed files with 91 additions and 58 deletions.
diff --git a/resources/iam-service-specific-credentials.go b/resources/iam-service-specific-credentials.go
@@ -47,7 +47,7 @@ func (l *IAMServiceSpecificCredentialLister) List(ctx context.Context, o interfa
 			continue
 		}
 		params := &iam.ListServiceSpecificCredentialsInput{
-			UserName: user.name,
+			UserName: user.Name,
 		}
 		serviceCredentials, err := svc.ListServiceSpecificCredentials(params)
 		if err != nil {
@@ -60,7 +60,7 @@ func (l *IAMServiceSpecificCredentialLister) List(ctx context.Context, o interfa
 				name:        credential.ServiceUserName,
 				serviceName: credential.ServiceName,
 				id:          credential.ServiceSpecificCredentialId,
-				userName:    user.name,
+				userName:    user.Name,
 			})
 		}
 	}

diff --git a/resources/iam-user.go b/resources/iam-user.go
@@ -37,26 +37,30 @@ func init() {
 }
 
 type IAMUser struct {
-	svc                   iamiface.IAMAPI
-	id                    *string
-	name                  *string
-	hasPermissionBoundary bool
-	createDate            *time.Time
-	tags                  []*iam.Tag
+	svc                    iamiface.IAMAPI
+	Name                   *string
+	Path                   *string
+	UserID                 *string
+	CreateDate             *time.Time
+	PasswordLastUsed       *time.Time
+	Tags                   []*iam.Tag
+	HasPermissionBoundary  bool
+	PermissionBoundaryARN  *string
+	PermissionBoundaryType *string
 }
 
 func (r *IAMUser) Remove(_ context.Context) error {
-	if r.hasPermissionBoundary {
+	if r.HasPermissionBoundary {
 		_, err := r.svc.DeleteUserPermissionsBoundary(&iam.DeleteUserPermissionsBoundaryInput{
-			UserName: r.name,
+			UserName: r.Name,
 		})
 		if err != nil {
 			return err
 		}
 	}
 
 	_, err := r.svc.DeleteUser(&iam.DeleteUserInput{
-		UserName: r.name,
+		UserName: r.Name,
 	})
 	if err != nil {
 		return err
@@ -66,48 +70,11 @@ func (r *IAMUser) Remove(_ context.Context) error {
 }
 
 func (r *IAMUser) String() string {
-	return *r.name
+	return *r.Name
 }
 
 func (r *IAMUser) Properties() types.Properties {
-	properties := types.NewProperties()
-	properties.Set("UserID", r.id)
-	properties.Set("Name", r.name)
-	properties.Set("HasPermissionBoundary", r.hasPermissionBoundary)
-	properties.Set("CreateDate", r.createDate.Format(time.RFC3339))
-
-	for _, tag := range r.tags {
-		properties.SetTag(tag.Key, tag.Value)
-	}
-
-	return properties
-}
-
-// --------------
-
-// GetIAMUser retries and returns just the *iam.User from the response
-func GetIAMUser(svc iamiface.IAMAPI, userName *string) (*iam.User, error) {
-	resp, err := svc.GetUser(&iam.GetUserInput{
-		UserName: userName,
-	})
-	if err != nil {
-		return nil, err
-	}
-
-	return resp.User, err
-}
-
-// ListIAMUsers retrieves a base list of users
-func ListIAMUsers(svc iamiface.IAMAPI) ([]*iam.User, error) {
-	var users []*iam.User
-	if err := svc.ListUsersPages(nil, func(page *iam.ListUsersOutput, lastPage bool) bool {
-		users = append(users, page.Users...)
-		return true
-	}); err != nil {
-		return nil, err
-	}
-
-	return users, nil
+	return types.NewPropertiesFromStruct(r)
 }
 
 // --------------
@@ -142,19 +109,50 @@ func (l *IAMUserLister) List(_ context.Context, o interface{}) ([]resource.Resou
 		}
 
 		resourceUser := &IAMUser{
-			svc:        svc,
-			id:         user.UserId,
-			name:       user.UserName,
-			createDate: user.CreateDate,
-			tags:       user.Tags,
+			svc:              svc,
+			Name:             user.UserName,
+			Path:             user.Path,
+			UserID:           user.UserId,
+			CreateDate:       user.CreateDate,
+			PasswordLastUsed: user.PasswordLastUsed,
+			Tags:             user.Tags,
 		}
 
 		if user.PermissionsBoundary != nil && user.PermissionsBoundary.PermissionsBoundaryArn != nil {
-			resourceUser.hasPermissionBoundary = true
+			resourceUser.HasPermissionBoundary = true
+			resourceUser.PermissionBoundaryARN = user.PermissionsBoundary.PermissionsBoundaryArn
+			resourceUser.PermissionBoundaryType = user.PermissionsBoundary.PermissionsBoundaryType
 		}
 
 		resources = append(resources, resourceUser)
 	}
 
 	return resources, nil
 }
+
+// --------------
+
+// GetIAMUser retries and returns just the *iam.User from the response
+func GetIAMUser(svc iamiface.IAMAPI, userName *string) (*iam.User, error) {
+	resp, err := svc.GetUser(&iam.GetUserInput{
+		UserName: userName,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	return resp.User, err
+}
+
+// ListIAMUsers retrieves a base list of users
+func ListIAMUsers(svc iamiface.IAMAPI) ([]*iam.User, error) {
+	var users []*iam.User
+	if err := svc.ListUsersPages(nil, func(page *iam.ListUsersOutput, lastPage bool) bool {
+		users = append(users, page.Users...)
+		return true
+	}); err != nil {
+		return nil, err
+	}
+
+	return users, nil
+}
diff --git a/resources/iam-user_mock_test.go b/resources/iam-user_mock_test.go
@@ -3,6 +3,7 @@ package resources
 import (
 	"context"
 	"testing"
+	"time"
 
 	"github.com/golang/mock/gomock"
 	"github.com/gotidy/ptr"
@@ -72,10 +73,44 @@ func Test_Mock_IAMUser_Remove(t *testing.T) {
 
 	iamUser := IAMUser{
 		svc:                   mockIAM,
-		name:                  ptr.String("foobar"),
-		hasPermissionBoundary: true,
+		Name:                  ptr.String("foobar"),
+		HasPermissionBoundary: true,
 	}
 
 	err := iamUser.Remove(context.TODO())
 	a.Nil(err)
 }
+
+func Test_Mock_IAMUser_Properties(t *testing.T) {
+	a := assert.New(t)
+
+	now := time.Now().UTC()
+
+	iamUser := IAMUser{
+		Name:             ptr.String("foo"),
+		Path:             ptr.String("/foo"),
+		UserID:           ptr.String("foobar"),
+		CreateDate:       ptr.Time(now),
+		PasswordLastUsed: ptr.Time(now),
+		Tags: []*iam.Tag{
+			{
+				Key:   ptr.String("foo"),
+				Value: ptr.String("bar"),
+			},
+		},
+		HasPermissionBoundary:  true,
+		PermissionBoundaryARN:  ptr.String("arn:aws:iam::123456789012:policy/foo"),
+		PermissionBoundaryType: ptr.String("PermissionsBoundary"),
+	}
+
+	a.Equal("foo", iamUser.String())
+	a.Equal("foobar", iamUser.Properties().Get("UserID"))
+	a.Equal("foo", iamUser.Properties().Get("Name"))
+	a.Equal("true", iamUser.Properties().Get("HasPermissionBoundary"))
+	a.Equal(now.Format(time.RFC3339), iamUser.Properties().Get("CreateDate"))
+	a.Equal(now.Format(time.RFC3339), iamUser.Properties().Get("PasswordLastUsed"))
+	a.Equal("arn:aws:iam::123456789012:policy/foo", iamUser.Properties().Get("PermissionBoundaryARN"))
+	a.Equal("PermissionsBoundary", iamUser.Properties().Get("PermissionBoundaryType"))
+	a.Equal("bar", iamUser.Properties().Get("tag:foo"))
+	a.Equal("/foo", iamUser.Properties().Get("Path"))
+}