package g8
import (
"strings"
)
// All is the wildcard string "*".
// NOTE(review): presumably used where a policy should match any region, API,
// stage, verb or resource; confirm against callers. A wildcard in an Allow
// statement grants access broadly, so prefer explicit values where possible.
const All = "*"
// Effect is the outcome of a policy statement: Allow or Deny.
type Effect int

const (
	// Allow permits the request.
	//
	// NOTE(review): Allow is the zero value of Effect, so an Effect that is
	// declared but never assigned reads as Allow. Callers should always set
	// the effect explicitly rather than rely on the zero value.
	Allow Effect = iota
	// Deny rejects the request.
	Deny
)

// String returns "Allow" or "Deny" for the two defined effects and the empty
// string for any other value. Callers writing the result into a policy
// document should treat "" as an invalid effect.
func (e Effect) String() string {
	if e == Allow {
		return "Allow"
	}
	if e == Deny {
		return "Deny"
	}
	// Unknown values have no textual form.
	return ""
}
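// methodARN holds the components of an API Gateway method ARN that are needed
// to build the resource ARNs placed in a policy.
type methodARN struct {
	// Region is the region where the API is deployed. Described as defaulting
	// to '*'; nothing in this block applies that default, so it is presumably
	// set by callers (confirm).
	Region string
	// AccountID is the AWS account id the policy is generated for. It is used
	// to create the method ARNs.
	AccountID string
	// APIID is the API Gateway API id. Described as defaulting to '*'
	// (see the note on Region).
	APIID string
	// Stage is the name of the stage used in the policy. Described as
	// defaulting to '*' (see the note on Region).
	Stage string
}

// parseFromMethodARN splits a method ARN of the form
//
//	arn:<partition>:execute-api:<region>:<account-id>:<api-id>/<stage>/<verb>/<resource>
//
// into its region, account id, API id and stage.
//
// A string that does not have at least six ':'-separated segments, or whose
// sixth segment lacks an "<api-id>/<stage>" pair, yields the zero methodARN
// instead of an index-out-of-range panic. Missing parts are deliberately NOT
// replaced with the wildcard All, so a malformed ARN cannot widen the
// generated policy; callers can detect the failure by the empty fields.
//
// The partition and service segments are not validated and are not kept.
func parseFromMethodARN(rawArn string) methodARN {
	segments := strings.Split(rawArn, ":")
	if len(segments) < 6 {
		return methodARN{}
	}

	// segments[5] is "<api-id>/<stage>/<verb>/<resource...>".
	apiParts := strings.Split(segments[5], "/")
	if len(apiParts) < 2 {
		return methodARN{}
	}

	return methodARN{
		AccountID: segments[4],
		Region:    segments[3],
		APIID:     apiParts[0],
		Stage:     apiParts[1],
	}
}

// buildResourceARN returns the execute-api resource ARN for the given HTTP
// verb and resource path:
//
//	arn:aws:execute-api:<Region>:<AccountID>:<APIID>/<Stage>/<verb>/<resource>
//
// All leading '/' characters are stripped from resource, not just the first.
//
// verb and resource are inserted verbatim. IAM treats '*' and '?' in a
// resource ARN as wildcards, so callers must not pass request-derived values
// here without validating them, or an Allow statement may cover more than
// intended.
//
// NOTE(review): the partition is fixed to "aws" and parseFromMethodARN drops
// the partition segment, so method ARNs from other partitions (for example
// aws-cn or aws-us-gov) would not round-trip. Confirm whether that matters
// for the deployments this package targets.
func (r *methodARN) buildResourceARN(verb, resource string) string {
	path := strings.TrimLeft(resource, "/")
	return "arn:aws:execute-api:" + r.Region + ":" + r.AccountID + ":" +
		r.APIID + "/" + r.Stage + "/" + verb + "/" + path
}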