Support AWS IC permission sets (#14)

cp ../opal/web/backend/router/handlers/public/openapi.yaml api/openapi.yaml
make gen-openapi

.openapi-generator/FILES

@@ -18,6 +18,8 @@ docs/App.md
 docs/AppTypeEnum.md
 docs/AppsApi.md
 docs/AppsList.md
+docs/AwsPermissionSetMetadata.md
+docs/AwsPermissionSetMetadataAwsPermissionSet.md
 docs/CreateGroupInfo.md
 docs/CreateMessageChannelInfo.md
 docs/CreateOnCallScheduleInfo.md
@@ -71,6 +73,7 @@ docs/ResourceRemoteInfoAwsAccount.md
 docs/ResourceRemoteInfoAwsEc2Instance.md
 docs/ResourceRemoteInfoAwsEksCluster.md
 docs/ResourceRemoteInfoAwsIamRole.md
+docs/ResourceRemoteInfoAwsPermissionSet.md
 docs/ResourceRemoteInfoAwsRdsInstance.md
 docs/ResourceRemoteInfoGithubRepo.md
 docs/ResourceRemoteInfoGitlabProject.md
@@ -117,6 +120,8 @@ go.sum
 model_app.go
 model_app_type_enum.go
 model_apps_list.go
+model_aws_permission_set_metadata.go
+model_aws_permission_set_metadata_aws_permission_set.go
 model_create_group_info.go
 model_create_message_channel_info.go
 model_create_on_call_schedule_info.go
@@ -165,6 +170,7 @@ model_resource_remote_info_aws_account.go
 model_resource_remote_info_aws_ec2_instance.go
 model_resource_remote_info_aws_eks_cluster.go
 model_resource_remote_info_aws_iam_role.go
+model_resource_remote_info_aws_permission_set.go
 model_resource_remote_info_aws_rds_instance.go
 model_resource_remote_info_github_repo.go
 model_resource_remote_info_gitlab_project.go

README.md

@@ -157,6 +157,8 @@ Class | Method | HTTP request | Description
  - [App](docs/App.md)
  - [AppTypeEnum](docs/AppTypeEnum.md)
  - [AppsList](docs/AppsList.md)
+ - [AwsPermissionSetMetadata](docs/AwsPermissionSetMetadata.md)
+ - [AwsPermissionSetMetadataAwsPermissionSet](docs/AwsPermissionSetMetadataAwsPermissionSet.md)
  - [CreateGroupInfo](docs/CreateGroupInfo.md)
  - [CreateMessageChannelInfo](docs/CreateMessageChannelInfo.md)
  - [CreateOnCallScheduleInfo](docs/CreateOnCallScheduleInfo.md)
@@ -205,6 +207,7 @@ Class | Method | HTTP request | Description
  - [ResourceRemoteInfoAwsEc2Instance](docs/ResourceRemoteInfoAwsEc2Instance.md)
  - [ResourceRemoteInfoAwsEksCluster](docs/ResourceRemoteInfoAwsEksCluster.md)
  - [ResourceRemoteInfoAwsIamRole](docs/ResourceRemoteInfoAwsIamRole.md)
+ - [ResourceRemoteInfoAwsPermissionSet](docs/ResourceRemoteInfoAwsPermissionSet.md)
  - [ResourceRemoteInfoAwsRdsInstance](docs/ResourceRemoteInfoAwsRdsInstance.md)
  - [ResourceRemoteInfoGithubRepo](docs/ResourceRemoteInfoGithubRepo.md)
  - [ResourceRemoteInfoGitlabProject](docs/ResourceRemoteInfoGitlabProject.md)

api/openapi.yaml

@@ -94,7 +94,6 @@ paths:
         name: start_date_filter
         required: false
         schema:
-          format: date-time
           type: string
         style: form
       - description: An end date filter for the events.
@@ -110,7 +109,6 @@ paths:
         name: end_date_filter
         required: false
         schema:
-          format: date-time
           type: string
         style: form
       - description: An actor filter for the events. Supply the ID of the actor.
@@ -3985,6 +3983,8 @@ components:
       properties:
         aws_account:
           $ref: '#/components/schemas/ResourceRemoteInfo_aws_account'
+        aws_permission_set:
+          $ref: '#/components/schemas/ResourceRemoteInfo_aws_permission_set'
         aws_iam_role:
           $ref: '#/components/schemas/ResourceRemoteInfo_aws_iam_role'
         aws_ec2_instance:
@@ -4599,6 +4599,14 @@ components:
       required:
       - resource_id
       type: object
+    AwsPermissionSetMetadata:
+      description: Metadata for AWS Identity Center permission set.
+      properties:
+        aws_permission_set:
+          $ref: '#/components/schemas/AwsPermissionSetMetadata_aws_permission_set'
+      required:
+      - aws_permission_set
+      type: object
     UpdateResourceInfoList:
       example:
         resources:
@@ -5101,6 +5109,21 @@ components:
       required:
       - account_id
       type: object
+    ResourceRemoteInfo_aws_permission_set:
+      description: Remote info for AWS Identity Center permission set.
+      properties:
+        arn:
+          description: The ARN of the permission set.
+          example: arn:aws:sso:::permissionSet/asdf-32139302d201d32/ps-f03323201211e1b9
+          type: string
+        account_id:
+          description: The ID of an AWS account to which this permission set is provisioned.
+          example: "234234234234"
+          type: string
+      required:
+      - account_id
+      - arn
+      type: object
     ResourceRemoteInfo_aws_iam_role:
       description: Remote info for AWS IAM role.
       properties:
@@ -5237,6 +5260,20 @@ components:
       required:
       - role_name
       type: object
+    AwsPermissionSetMetadata_aws_permission_set:
+      properties:
+        arn:
+          description: The ARN of the permission set.
+          example: arn:aws:sso:::permissionSet/asdf-32139302d201d32/ps-f03323201211e1b9
+          type: string
+        account_id:
+          description: The ID of an AWS account to which this permission set is provisioned.
+          example: "234234234234"
+          type: string
+      required:
+      - account_id
+      - arn
+      type: object
   securitySchemes:
     BearerAuth:
       scheme: bearer

docs/AwsPermissionSetMetadata.md

@@ -0,0 +1,51 @@
+# AwsPermissionSetMetadata
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**AwsPermissionSet** | [**AwsPermissionSetMetadataAwsPermissionSet**](AwsPermissionSetMetadataAwsPermissionSet.md) |  | 
+
+## Methods
+
+### NewAwsPermissionSetMetadata
+
+`func NewAwsPermissionSetMetadata(awsPermissionSet AwsPermissionSetMetadataAwsPermissionSet, ) *AwsPermissionSetMetadata`
+
+NewAwsPermissionSetMetadata instantiates a new AwsPermissionSetMetadata object
+This constructor will assign default values to properties that have it defined,
+and makes sure properties required by API are set, but the set of arguments
+will change when the set of required properties is changed
+
+### NewAwsPermissionSetMetadataWithDefaults
+
+`func NewAwsPermissionSetMetadataWithDefaults() *AwsPermissionSetMetadata`
+
+NewAwsPermissionSetMetadataWithDefaults instantiates a new AwsPermissionSetMetadata object
+This constructor will only assign default values to properties that have it defined,
+but it doesn't guarantee that properties required by API are set
+
+### GetAwsPermissionSet
+
+`func (o *AwsPermissionSetMetadata) GetAwsPermissionSet() AwsPermissionSetMetadataAwsPermissionSet`
+
+GetAwsPermissionSet returns the AwsPermissionSet field if non-nil, zero value otherwise.
+
+### GetAwsPermissionSetOk
+
+`func (o *AwsPermissionSetMetadata) GetAwsPermissionSetOk() (*AwsPermissionSetMetadataAwsPermissionSet, bool)`
+
+GetAwsPermissionSetOk returns a tuple with the AwsPermissionSet field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetAwsPermissionSet
+
+`func (o *AwsPermissionSetMetadata) SetAwsPermissionSet(v AwsPermissionSetMetadataAwsPermissionSet)`
+
+SetAwsPermissionSet sets AwsPermissionSet field to given value.
+
+
+
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
+

docs/AwsPermissionSetMetadataAwsPermissionSet.md

@@ -0,0 +1,72 @@
+# AwsPermissionSetMetadataAwsPermissionSet
+
+## Properties
+
+Name | Type | Description | Notes
+------------ | ------------- | ------------- | -------------
+**Arn** | **string** | The ARN of the permission set. | 
+**AccountId** | **string** | The ID of an AWS account to which this permission set is provisioned. | 
+
+## Methods
+
+### NewAwsPermissionSetMetadataAwsPermissionSet
+
+`func NewAwsPermissionSetMetadataAwsPermissionSet(arn string, accountId string, ) *AwsPermissionSetMetadataAwsPermissionSet`
+
+NewAwsPermissionSetMetadataAwsPermissionSet instantiates a new AwsPermissionSetMetadataAwsPermissionSet object
+This constructor will assign default values to properties that have it defined,
+and makes sure properties required by API are set, but the set of arguments
+will change when the set of required properties is changed
+
+### NewAwsPermissionSetMetadataAwsPermissionSetWithDefaults
+
+`func NewAwsPermissionSetMetadataAwsPermissionSetWithDefaults() *AwsPermissionSetMetadataAwsPermissionSet`
+
+NewAwsPermissionSetMetadataAwsPermissionSetWithDefaults instantiates a new AwsPermissionSetMetadataAwsPermissionSet object
+This constructor will only assign default values to properties that have it defined,
+but it doesn't guarantee that properties required by API are set
+
+### GetArn
+
+`func (o *AwsPermissionSetMetadataAwsPermissionSet) GetArn() string`
+
+GetArn returns the Arn field if non-nil, zero value otherwise.
+
+### GetArnOk
+
+`func (o *AwsPermissionSetMetadataAwsPermissionSet) GetArnOk() (*string, bool)`
+
+GetArnOk returns a tuple with the Arn field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetArn
+
+`func (o *AwsPermissionSetMetadataAwsPermissionSet) SetArn(v string)`
+
+SetArn sets Arn field to given value.
+
+
+### GetAccountId
+
+`func (o *AwsPermissionSetMetadataAwsPermissionSet) GetAccountId() string`
+
+GetAccountId returns the AccountId field if non-nil, zero value otherwise.
+
+### GetAccountIdOk
+
+`func (o *AwsPermissionSetMetadataAwsPermissionSet) GetAccountIdOk() (*string, bool)`
+
+GetAccountIdOk returns a tuple with the AccountId field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetAccountId
+
+`func (o *AwsPermissionSetMetadataAwsPermissionSet) SetAccountId(v string)`
+
+SetAccountId sets AccountId field to given value.
+
+
+
+[[Back to Model list]](../README.md#documentation-for-models) [[Back to API list]](../README.md#documentation-for-api-endpoints) [[Back to README]](../README.md)
+
+

docs/EventsApi.md

@@ -25,13 +25,12 @@ import (
     "context"
     "fmt"
     "os"
-    "time"
     openapiclient "github.com/opalsecurity/opal-go"
 )
 
 func main() {
-    startDateFilter := time.Now() // time.Time | A start date filter for the events. (optional)
-    endDateFilter := time.Now() // time.Time | An end date filter for the events. (optional)
+    startDateFilter := "2021-11-01" // string | A start date filter for the events. (optional)
+    endDateFilter := "2021-11-12" // string | An end date filter for the events. (optional)
     actorFilter := "29827fb8-f2dd-4e80-9576-28e31e9934ac" // string | An actor filter for the events. Supply the ID of the actor. (optional)
     objectFilter := "29827fb8-f2dd-4e80-9576-28e31e9934ac" // string | An object filter for the events. Supply the ID of the object. (optional)
     eventTypeFilter := "29827fb8-f2dd-4e80-9576-28e31e9934ac" // string | An event type filter for the events. (optional)
@@ -61,8 +60,8 @@ Other parameters are passed through a pointer to a apiEventsRequest struct via t
 
 Name | Type | Description  | Notes
 ------------- | ------------- | ------------- | -------------
- **startDateFilter** | **time.Time** | A start date filter for the events. | 
- **endDateFilter** | **time.Time** | An end date filter for the events. | 
+ **startDateFilter** | **string** | A start date filter for the events. | 
+ **endDateFilter** | **string** | An end date filter for the events. | 
  **actorFilter** | **string** | An actor filter for the events. Supply the ID of the actor. | 
  **objectFilter** | **string** | An object filter for the events. Supply the ID of the object. | 
  **eventTypeFilter** | **string** | An event type filter for the events. | 

docs/ResourceRemoteInfo.md

@@ -5,6 +5,7 @@
 Name | Type | Description | Notes
 ------------ | ------------- | ------------- | -------------
 **AwsAccount** | Pointer to [**ResourceRemoteInfoAwsAccount**](ResourceRemoteInfoAwsAccount.md) |  | [optional] 
+**AwsPermissionSet** | Pointer to [**ResourceRemoteInfoAwsPermissionSet**](ResourceRemoteInfoAwsPermissionSet.md) |  | [optional] 
 **AwsIamRole** | Pointer to [**ResourceRemoteInfoAwsIamRole**](ResourceRemoteInfoAwsIamRole.md) |  | [optional] 
 **AwsEc2Instance** | Pointer to [**ResourceRemoteInfoAwsEc2Instance**](ResourceRemoteInfoAwsEc2Instance.md) |  | [optional] 
 **AwsRdsInstance** | Pointer to [**ResourceRemoteInfoAwsRdsInstance**](ResourceRemoteInfoAwsRdsInstance.md) |  | [optional] 
@@ -60,6 +61,31 @@ SetAwsAccount sets AwsAccount field to given value.
 
 HasAwsAccount returns a boolean if a field has been set.
 
+### GetAwsPermissionSet
+
+`func (o *ResourceRemoteInfo) GetAwsPermissionSet() ResourceRemoteInfoAwsPermissionSet`
+
+GetAwsPermissionSet returns the AwsPermissionSet field if non-nil, zero value otherwise.
+
+### GetAwsPermissionSetOk
+
+`func (o *ResourceRemoteInfo) GetAwsPermissionSetOk() (*ResourceRemoteInfoAwsPermissionSet, bool)`
+
+GetAwsPermissionSetOk returns a tuple with the AwsPermissionSet field if it's non-nil, zero value otherwise
+and a boolean to check if the value has been set.
+
+### SetAwsPermissionSet
+
+`func (o *ResourceRemoteInfo) SetAwsPermissionSet(v ResourceRemoteInfoAwsPermissionSet)`
+
+SetAwsPermissionSet sets AwsPermissionSet field to given value.
+
+### HasAwsPermissionSet
+
+`func (o *ResourceRemoteInfo) HasAwsPermissionSet() bool`
+
+HasAwsPermissionSet returns a boolean if a field has been set.
+
 ### GetAwsIamRole
 
 `func (o *ResourceRemoteInfo) GetAwsIamRole() ResourceRemoteInfoAwsIamRole`