Add new AWS arn generator
Edward Langley authored on 25/10/2019 22:06:58
Showing 1 changed files
... | ... |
@@ -15,6 +15,36 @@ |
15 | 15 |
(format nil "arn:aws:iam::~a:role/cjorganization/~a" |
16 | 16 |
account |
17 | 17 |
role)) |
18 |
+(defclass cj-organization-role () |
|
19 |
+ ((account :initarg :account |
|
20 |
+ :reader account |
|
21 |
+ :initform (error "must pass an account")))) |
|
22 |
+(fw.lu:defclass+ cj-developer-role ((cj-organization-role (account))) |
|
23 |
+ ()) |
|
24 |
+ |
|
25 |
+(defgeneric arn-for (type account resource) |
|
26 |
+ (:method-combination list :most-specific-last) |
|
27 |
+ (:documentation "get the arn for an aws resource") |
|
28 |
+ (:method :around (-t account u) |
|
29 |
+ (format nil "arn:aws:iam::~a:~a" |
|
30 |
+ account |
|
31 |
+ (serapeum:string-join (call-next-method) |
|
32 |
+ "/"))) |
|
33 |
+ (:method list ((type (eql :mfa)) account user) |
|
34 |
+ "mfa") |
|
35 |
+ (:method list ((type (eql :mfa)) account (user string)) |
|
36 |
+ user) |
|
37 |
+ (:method list ((type (eql :role)) account role) |
|
38 |
+ "role") |
|
39 |
+ (:method list ((type (eql :role)) account (role cj-organization-role)) |
|
40 |
+ "cjorganization") |
|
41 |
+ (:method list ((type (eql :role)) account (role cj-developer-role)) |
|
42 |
+ "CJDeveloperAccessRole") |
|
43 |
+ (:method list ((type (eql :role)) account (role string)) |
|
44 |
+ role)) |
|
45 |
+ |
|
46 |
+(defun cj-organization-role-arn (role) |
|
47 |
+ (arn-for :role (account role) role)) |
|
18 | 48 |
|
19 | 49 |
(defun read-new-mfa-token () |
20 | 50 |
(format *query-io* "~&New MFA token: ") |
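Review bot: The `:around` method of `arn-for` splices `account` and the joined name segments into the ARN with `~a` and validates neither, so an account passed as an integer loses its leading zeros, and a string role or MFA name containing `/` or `:` yields an ARN for a different path or resource than the caller named. Since this ARN presumably ends up as the target of a role assumption or as an MFA serial, I would reject malformed input at the one place every method passes through, e.g. `(assert (and (stringp account) (= 12 (length account)) (every #'digit-char-p account)))` at the top of the `:around` method, with a similar character check in the two `string` methods. A plain `cj-organization-role` instance also produces `arn:aws:iam::ACCOUNT:role/cjorganization`, which has no role name after the path; if that class is meant to be abstract, a docstring on it saying so would help.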