aws: Add iam.GetRole (#3015)

lyft · May 17, 2024 · b42e681 · b42e681
1 parent 3bc4eb7
commit b42e681
Show file tree

Hide file tree

Showing 5 changed files with 36 additions and 0 deletions.
diff --git a/backend/mock/service/awsmock/awsmock.go b/backend/mock/service/awsmock/awsmock.go
@@ -37,6 +37,15 @@ func (s *svc) S3GetAccessPointPolicy(ctx context.Context, account, region, acces
 	}, nil
 }
 
+func (s *svc) GetIAMRole(ctx context.Context, account, region, roleName string) (*iam.GetRoleOutput, error) {
+	return &iam.GetRoleOutput{
+		Role: &iamtypes.Role{
+			RoleName: aws.String(roleName),
+			Arn:      aws.String(fmt.Sprintf("arn:aws:iam::%s:role/%s", account, roleName)),
+		},
+	}, nil
+}
+
 func (s *svc) GetDirectClient(account string, region string) (clutchawsclient.DirectClient, error) {
 	panic("implement me")
 }

diff --git a/backend/service/aws/aws.go b/backend/service/aws/aws.go
@@ -189,6 +189,7 @@ type Client interface {
 	GetCallerIdentity(ctx context.Context, account, region string) (*sts.GetCallerIdentityOutput, error)
 
 	SimulateCustomPolicy(ctx context.Context, account, region string, customPolicySimulatorParams *iam.SimulateCustomPolicyInput) (*iam.SimulateCustomPolicyOutput, error)
+	GetIAMRole(ctx context.Context, account, region, roleName string) (*iam.GetRoleOutput, error)
 
 	Accounts() []string
 	AccountsAndRegions() map[string][]string

diff --git a/backend/service/aws/iam.go b/backend/service/aws/iam.go
@@ -14,3 +14,19 @@ func (c *client) SimulateCustomPolicy(ctx context.Context, account, region strin
 
 	return cl.iam.SimulateCustomPolicy(ctx, customPolicySimulatorParams)
 }
+
+func (c *client) GetIAMRole(
+	ctx context.Context,
+	account,
+	region,
+	roleName string,
+) (*iam.GetRoleOutput, error) {
+	cl, err := c.getAccountRegionClient(account, region)
+	if err != nil {
+		return nil, err
+	}
+
+	return cl.iam.GetRole(ctx, &iam.GetRoleInput{
+		RoleName: &roleName,
+	})
+}
diff --git a/backend/service/aws/iam_test.go b/backend/service/aws/iam_test.go
@@ -14,6 +14,8 @@ import (
 type mockIAM struct {
 	getSimulationResultsErr error
 	getSimulationResults    *iam.SimulateCustomPolicyOutput
+	getGetIAMRoleResultsErr error
+	getGetIAMRoleResults    *iam.GetRoleOutput
 }
 
 func TestIAMSimulateCustomPolicy(t *testing.T) {
@@ -104,3 +106,10 @@ func (m *mockIAM) SimulateCustomPolicy(ctx context.Context, params *iam.Simulate
 	}
 	return m.getSimulationResults, nil
 }
+
+func (m *mockIAM) GetRole(ctx context.Context, params *iam.GetRoleInput, optFns ...func(*iam.Options)) (*iam.GetRoleOutput, error) {
+	if m.getGetIAMRoleResultsErr != nil {
+		return nil, m.getGetIAMRoleResultsErr
+	}
+	return m.getGetIAMRoleResults, nil
+}
diff --git a/backend/service/aws/iface.go b/backend/service/aws/iface.go
@@ -31,6 +31,7 @@ type stsClient interface {
 
 type iamClient interface {
 	SimulateCustomPolicy(ctx context.Context, params *iam.SimulateCustomPolicyInput, optFns ...func(*iam.Options)) (*iam.SimulateCustomPolicyOutput, error)
+	GetRole(ctx context.Context, params *iam.GetRoleInput, optFns ...func(options *iam.Options)) (*iam.GetRoleOutput, error)
 }
 
 type kinesisClient interface {