README
¶
AWS-Policy
AWS have an amazing SDK for Go with all API functions output typed, and works like clockwork ... until IAM policy documents appear.
AWS describes the policy document in SDK (GetPolicyVersion function ), textually The policy document returned in this structure is URL-encoded compliant with RFC 3986 (https://tools.ietf.org/html/rfc3986)
In practice, it is raw data, and parsing is difficult due to it's structure depends on the policy, and not all fields always appear.
To achieve this I have used golang generics and it seems to work pretty well.
Issues
Feel free to submit issues and enhancement requests.
Please fork this project and open a PR to submit it.
Documentation
¶
Overview ¶
Package policy provides a custom function to unmarshal AWS policies.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Policy ¶
type Policy struct {
Version string `json:"Version"`
ID string `json:"ID,omitempty"`
Statements []Statement `json:"Statement"`
}
Policy represents an AWS iam policy document
func (*Policy) UnmarshalJSON ¶
UnmarshalJSON decodifies input JSON info to awsPolicy type
type Statement ¶
type Statement struct {
StatementID string `json:"StatementID,omitempty"` // Statement ID, service specific
Effect string `json:"Effect"` // Allow or Deny
Principal map[string][]string `json:"Principal,omitempty"` // principal that is allowed or denied
NotPrincipal map[string][]string `json:"NotPrincipal,omitempty"` // exception to a list of principals
Action []string `json:"Action"` // allowed or denied action
NotAction []string `json:"NotAction,omitempty"` // matches everything except
Resource []string `json:"Resource,omitempty"` // object or objects that the statement covers
NotResource []string `json:"NotResource,omitempty"` // matches everything except
Condition []string `json:"Condition,omitempty"` // conditions for when a policy is in effect
}
Statement represents body of AWS iam policy document
Source Files