2020-12-09 15:31:34 +00:00
|
|
|
package aws
|
|
|
|
|
|
2021-05-11 15:02:08 +00:00
|
|
|
import (
|
|
|
|
|
"github.com/cloudskiff/driftctl/pkg/resource"
|
|
|
|
|
)
|
2021-03-25 11:13:52 +00:00
|
|
|
|
2020-12-09 15:31:34 +00:00
|
|
|
const AwsIamAccessKeyResourceType = "aws_iam_access_key"
|
|
|
|
|
|
2021-05-11 15:02:08 +00:00
|
|
|
func initAwsIAMAccessKeyMetaData(resourceSchemaRepository resource.SchemaRepositoryInterface) {
|
2021-05-24 15:19:06 +00:00
|
|
|
resourceSchemaRepository.SetNormalizeFunc(AwsIamAccessKeyResourceType, func(res *resource.AbstractResource) {
|
|
|
|
|
val := res.Attrs
|
2021-05-11 15:02:08 +00:00
|
|
|
// As we can't read secrets from aws API once access_key created we need to set
|
|
|
|
|
// fields retrieved from state to nil to avoid drift
|
|
|
|
|
// We can't detect drift if we cannot retrieve latest value from aws API for fields like secrets, passwords etc ...
|
|
|
|
|
val.SafeDelete([]string{"secret"})
|
|
|
|
|
val.SafeDelete([]string{"ses_smtp_password_v4"})
|
2021-06-01 13:38:14 +00:00
|
|
|
val.SafeDelete([]string{"encrypted_secret"})
|
|
|
|
|
val.SafeDelete([]string{"key_fingerprint"})
|
|
|
|
|
val.SafeDelete([]string{"pgp_key"})
|
2021-05-11 15:02:08 +00:00
|
|
|
})
|
2021-05-21 14:09:45 +00:00
|
|
|
resourceSchemaRepository.SetHumanReadableAttributesFunc(AwsIamAccessKeyResourceType, func(res *resource.AbstractResource) map[string]string {
|
|
|
|
|
val := res.Attrs
|
|
|
|
|
attrs := make(map[string]string)
|
|
|
|
|
if user := val.GetString("user"); user != nil && *user != "" {
|
|
|
|
|
attrs["User"] = *user
|
|
|
|
|
}
|
|
|
|
|
return attrs
|
|
|
|
|
})
|
2021-05-11 15:02:08 +00:00
|
|
|
}
|
