aws-sdk#SSOAdmin TypeScript Examples
The following examples show how to use
aws-sdk#SSOAdmin.
Example #1
Source File: handlers.ts From aws-resource-providers with MIT License | 6 votes |
/**
 * Create handler: stamps a generated resource id on the model and provisions
 * the account assignments the desired model describes.
 *
 * An empty `ResourceModel` stands in for the previous state, so
 * `compareCreateAndDelete` sees every desired assignment as new.
 *
 * @param action - handler action, recorded in the logging context
 * @param args - handler arguments; supplies the request, logger and callback context
 * @param service - SSOAdmin client handed to `compareCreateAndDelete`
 * @param model - desired resource state; `resourceId` is written onto it in place
 * @returns the same model, now carrying its generated `resourceId`
 */
@handlerEvent(Action.Create)
@commonAws({ service: SSOAdmin, debug: true })
public async create(action: Action, args: HandlerArgs<ResourceModel>, service: SSOAdmin, model: ResourceModel): Promise<ResourceModel> {
    const { logger, request, callbackContext } = args;
    const { clientRequestToken, awsAccountId } = request;
    const loggingContext: LogContext = { handler: action, clientRequestToken, versionCode };

    // NOTE(review): the whole request object and callbackContext are written to
    // the log here; confirm that neither carries anything sensitive, or that the
    // logger redacts it.
    logger.log({ ...loggingContext, request, callbackContext });

    // The id is synthetic: account, principal type and principal id plus a
    // random UUID suffix. It is not derived from any SSOAdmin response.
    model.resourceId = `arn:community::${awsAccountId}:principal-assignments:${model.principalType}:${model.principalId}/${uuidv4()}`;

    const emptyPreviousState = new ResourceModel();
    await compareCreateAndDelete(service, loggingContext, emptyPreviousState, model, logger);
    return model;
}
Example #2
Source File: handlers.ts From aws-resource-providers with MIT License | 6 votes |
/**
 * Update handler: reconciles the assignments of the previous resource state
 * with those of the desired model.
 *
 * @param action - handler action, recorded in the logging context
 * @param args - handler arguments; supplies the request (with `previousResourceState`) and logger
 * @param service - SSOAdmin client handed to `compareCreateAndDelete`
 * @param model - desired resource state
 * @returns the desired model, unchanged by this method
 */
@handlerEvent(Action.Update)
@commonAws({ service: SSOAdmin, debug: true })
public async update(action: Action, args: HandlerArgs<ResourceModel>, service: SSOAdmin, model: ResourceModel): Promise<ResourceModel> {
    const { logger, request } = args;
    const { clientRequestToken, previousResourceState } = request;

    // Rebuild the prior state as a model so it can be diffed against the desired one.
    const previous = new ResourceModel(previousResourceState);
    const loggingContext: LogContext = { handler: action, clientRequestToken, versionCode };

    await compareCreateAndDelete(service, loggingContext, previous, model, logger);
    return model;
}
Example #3
Source File: handlers.ts From aws-resource-providers with MIT License | 6 votes |
/**
 * Delete handler: removes every account assignment the current model describes.
 *
 * The model is passed as the previous state and an empty `ResourceModel` as
 * the desired state, so `compareCreateAndDelete` treats all of its assignments
 * as deletions.
 *
 * @param action - handler action, recorded in the logging context
 * @param args - handler arguments; supplies the request and logger
 * @param service - SSOAdmin client handed to `compareCreateAndDelete`
 * @param model - resource state to tear down
 * @returns `null`, signalling that no resource model remains
 */
@handlerEvent(Action.Delete)
@commonAws({ service: SSOAdmin, debug: true })
public async delete(action: Action, args: HandlerArgs<ResourceModel>, service: SSOAdmin, model: ResourceModel): Promise<ResourceModel> {
    const { logger, request } = args;
    const loggingContext: LogContext = { handler: action, clientRequestToken: request.clientRequestToken, versionCode };

    const emptyDesiredState = new ResourceModel({});
    await compareCreateAndDelete(service, loggingContext, model, emptyDesiredState, logger);
    return null;
}
Example #4
Source File: handlers.ts From aws-resource-providers with MIT License | 5 votes |
/**
 * Read handler: returns the model it was given.
 *
 * @param action - unused in this method body
 * @param args - unused in this method body
 * @param service - unused in this method body
 * @param model - resource state supplied by the caller
 * @returns the same model, unmodified
 */
@handlerEvent(Action.Read)
@commonAws({ service: SSOAdmin, debug: true })
public async read(action: Action, args: HandlerArgs<ResourceModel>, service: SSOAdmin, model: ResourceModel): Promise<ResourceModel> {
    // NOTE(review): this body makes no SSOAdmin call, so a read reports the
    // stored model as-is and cannot detect assignments that were changed or
    // removed outside this provider.
    return model;
}
Example #5
Source File: handlers.test.ts From aws-resource-providers with MIT License | 4 votes |
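// Handler tests for the SSO assignment-group resource. Every SSOAdmin call is
// mocked, so the suite never talks to AWS.
describe('when calling handler', () => {
    let testEntrypointPayload: any;
    let spySession: jest.SpyInstance;
    let spySessionClient: jest.SpyInstance;
    let ssoAdmin: AwsServiceMockBuilder<SSOAdmin>;
    let createAccountAssignmentMock: AwsFunctionMockBuilder<SSOAdmin>;
    let deleteAccountAssignmentMock: AwsFunctionMockBuilder<SSOAdmin>;
    let listAccountAssignmentsMock: AwsFunctionMockBuilder<SSOAdmin>;
    let describeAccountAssignmentDeletionStatusMock: AwsFunctionMockBuilder<SSOAdmin>;
    let describeAccountAssignmentCreationStatusMock: AwsFunctionMockBuilder<SSOAdmin>;
    let fixtureMap: Map<Action, Record<string, any>>;

    beforeAll(() => {
        // One request fixture per handler action.
        fixtureMap = new Map<Action, Record<string, any>>();
        fixtureMap.set(Action.Create, createFixture);
        fixtureMap.set(Action.Delete, deleteFixture);
        fixtureMap.set(Action.Read, readFixture);
        fixtureMap.set(Action.Update, updateFixture);
    });

    beforeEach(async () => {
        ssoAdmin = on(SSOAdmin, { snapshot: false });
        createAccountAssignmentMock = ssoAdmin.mock('createAccountAssignment').resolve({ AccountAssignmentCreationStatus: { RequestId: 'abcdef', Status: 'SUCCEEDED' } });
        deleteAccountAssignmentMock = ssoAdmin.mock('deleteAccountAssignment').resolve({ AccountAssignmentDeletionStatus: { RequestId: 'abcdef', Status: 'SUCCEEDED' } });
        // The listing always reports GROUP principal 123123 as assigned.
        listAccountAssignmentsMock = ssoAdmin.mock('listAccountAssignments').resolve({
            AccountAssignments: [
                {
                    PrincipalId: '123123',
                    PrincipalType: 'GROUP',
                },
            ],
        });
        // 'SUCCEEDED' is the terminal status the handler accepts; it matches the
        // create/delete mocks above.
        describeAccountAssignmentDeletionStatusMock = ssoAdmin.mock('describeAccountAssignmentDeletionStatus').resolve({ AccountAssignmentDeletionStatus: { RequestId: 'abcdef', Status: 'SUCCEEDED' } });
        describeAccountAssignmentCreationStatusMock = ssoAdmin.mock('describeAccountAssignmentCreationStatus').resolve({ AccountAssignmentCreationStatus: { RequestId: 'abcdef', Status: 'SUCCEEDED' } });
        spySession = jest.spyOn(SessionProxy, 'getSession');
        spySessionClient = jest.spyOn<any, any>(SessionProxy.prototype, 'client');
        spySessionClient.mockReturnValue(ssoAdmin.instance);
        testEntrypointPayload = {
            // Empty placeholders: the client is mocked, so no real keys are needed.
            credentials: { accessKeyId: '', secretAccessKey: '', sessionToken: '' },
            region: 'us-east-1',
            action: 'CREATE',
        };
    });

    afterEach(() => {
        jest.clearAllMocks();
        jest.restoreAllMocks();
    });

    test('create will create account assignment for each principal x target', async () => {
        const request = fixtureMap.get(Action.Create);
        const progress = await resource.testEntrypoint({ ...testEntrypointPayload, action: Action.Create, request }, null);
        expect(progress).toMatchObject({ status: OperationStatus.Success, message: '', callbackDelaySeconds: 0 });
        expect(progress.resourceModel.serialize()).toMatchObject({
            ...request.desiredResourceState,
            ResourceId: `arn:community::123456789012:principal-assignments:GROUP:123123/${IDENTIFIER}`,
        });
        expect(createAccountAssignmentMock.mock).toHaveBeenCalledTimes(1);
        expect(deleteAccountAssignmentMock.mock).toHaveBeenCalledTimes(0);
    });

    test('update will create and remove account assignment for each principal x target', async () => {
        const request = fixtureMap.get(Action.Update);
        const progress = await resource.testEntrypoint({ ...testEntrypointPayload, action: Action.Update, request }, null);
        expect(progress).toMatchObject({ status: OperationStatus.Success, message: '', callbackDelaySeconds: 0 });
        expect(progress.resourceModel.serialize()).toMatchObject(request.desiredResourceState);
        expect(createAccountAssignmentMock.mock).toHaveBeenCalledTimes(1);
        expect(deleteAccountAssignmentMock.mock).toHaveBeenCalledTimes(1);
    });

    test('delete operation successful - sso assignment group', async () => {
        const request = fixtureMap.get(Action.Delete);
        const progress = await resource.testEntrypoint({ ...testEntrypointPayload, action: Action.Delete, request }, null);
        expect(progress).toMatchObject({ status: OperationStatus.Success, message: '', callbackDelaySeconds: 0 });
        expect(progress.resourceModel).toBeNull();
    });

    test('read operation successful - sso assignment group', async () => {
        const request = fixtureMap.get(Action.Read);
        const progress = await resource.testEntrypoint({ ...testEntrypointPayload, action: Action.Read, request }, null);
        expect(progress).toMatchObject({ status: OperationStatus.Success, message: '', callbackDelaySeconds: 0 });
        expect(progress.resourceModel.serialize()).toMatchObject(request.desiredResourceState);
    });

    test('all operations fail without session - sso assignment group', async () => {
        // With no session available every action must report InvalidCredentials;
        // expect.assertions makes sure the loop really ran once per action.
        expect.assertions(fixtureMap.size);
        spySession.mockReturnValue(null);
        for (const [action, request] of fixtureMap) {
            const progress = await resource.testEntrypoint({ ...testEntrypointPayload, action, request }, null);
            expect(progress.errorCode).toBe(exceptions.InvalidCredentials.name);
        }
    });
});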
Example #6
Source File: handlers.ts From aws-resource-providers with MIT License | 4 votes |
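/**
 * Reconciles SSO account assignments: removes those found only in the previous
 * model, then creates those found only in the desired model.
 *
 * Both models are flattened with `enumerateComparables`. An entry present in
 * one list and absent from the other becomes a delete or create request that
 * carries that model's instance ARN and principal. Requests run one at a time
 * through `retryCreateOrDeleteOperation`, deletions first.
 *
 * @param service - SSOAdmin client used for every API call
 * @param loggingContext - fields merged into each log entry
 * @param previousModel - state to move away from
 * @param desiredModel - state to reach
 * @param logger - receives the structured log entries
 * @throws exceptions.InternalFailure from the inner operations when one does
 *   not end in `SUCCEEDED`; how `retryCreateOrDeleteOperation` treats that
 *   error is not visible here.
 */
compareCreateAndDelete = async (service: SSOAdmin, loggingContext: LogContext, previousModel: ResourceModel, desiredModel: ResourceModel, logger: Logger) => {
    // Enumerated one after the other, as before; the former Promise.all wrapper
    // awaited each call inline and so never ran them concurrently.
    const previousComparables = await enumerateComparables(previousModel);
    const desiredCompareables = await enumerateComparables(desiredModel);
    logger.log({ ...loggingContext, method: 'compareCreateAndDelete', previousComparables, desiredCompareables });

    // Pages through listAccountAssignments for the request's account and
    // permission set. Returns undefined for targets other than AWS accounts,
    // true when the principal is listed, false when no page lists it.
    // NOTE(review): the match is on PrincipalId alone; PrincipalType is not compared.
    const getHasAssignment = async (assignmentRequest: DeleteAccountAssignmentRequest | CreateAccountAssignmentRequest): Promise<boolean | undefined> => {
        if (assignmentRequest.TargetType !== 'AWS_ACCOUNT') {
            return undefined;
        }
        let response: SSOAdmin.ListAccountAssignmentsResponse = {};
        do {
            const request: SSOAdmin.ListAccountAssignmentsRequest = {
                InstanceArn: assignmentRequest.InstanceArn,
                AccountId: assignmentRequest.TargetId,
                PermissionSetArn: assignmentRequest.PermissionSetArn,
                NextToken: response.NextToken,
            };
            response = await service.listAccountAssignments(request).promise();
            if (response.AccountAssignments && response.AccountAssignments.some((x) => x.PrincipalId === assignmentRequest.PrincipalId)) {
                return true;
            }
        } while (response.NextToken);
        return false;
    };

    // Issues the delete, then polls its status every two seconds while it is
    // IN_PROGRESS. The listing check runs after the delete call: when the
    // assignment is no longer listed, polling is skipped.
    const deleteAndWait = async (assignmentRequest: DeleteAccountAssignmentRequest): Promise<void> => {
        logger.log({ ...loggingContext, method: 'before deleteAndWait', assignmentRequest });
        const response = await service.deleteAccountAssignment(assignmentRequest).promise();
        const getHasAssignments = await getHasAssignment(assignmentRequest);
        if (getHasAssignments === false) {
            logger.log({ ...loggingContext, message: 'no assignment found, skipping', method: 'deleteAndWait', assignmentRequest });
            return;
        }
        let deletionStatus = response.AccountAssignmentDeletionStatus;
        while (deletionStatus && deletionStatus.Status === 'IN_PROGRESS') {
            await sleep(2000);
            const describeDeleteAssignmentRequest = { AccountAssignmentDeletionRequestId: deletionStatus.RequestId, InstanceArn: assignmentRequest.InstanceArn };
            const describeStatusResponse = await service.describeAccountAssignmentDeletionStatus(describeDeleteAssignmentRequest).promise();
            deletionStatus = describeStatusResponse.AccountAssignmentDeletionStatus;
        }
        logger.log({ ...loggingContext, method: 'after deleteAndWait', assignmentRequest, deletionStatus });
        // A response without a status object counts as a failure instead of
        // surfacing as a TypeError on the property access.
        if (!deletionStatus || deletionStatus.Status !== 'SUCCEEDED') {
            const failureReason = deletionStatus ? deletionStatus.FailureReason : 'no deletion status returned';
            throw new exceptions.InternalFailure(`${failureReason}:${assignmentRequest.PrincipalId}, ${assignmentRequest.TargetId} ${assignmentRequest.PermissionSetArn}`);
        }
    };

    // Issues the create, then polls its status every two seconds while it is
    // IN_PROGRESS. The listing check runs after the create call: when the
    // assignment is already listed, the function returns without reading the
    // creation status.
    const createAndWait = async (createAssignmentRequest: CreateAccountAssignmentRequest): Promise<void> => {
        logger.log({ ...loggingContext, method: 'before createAndWait', createAssignmentRequest });
        const response = await service.createAccountAssignment(createAssignmentRequest).promise();
        const getHasAssignments = await getHasAssignment(createAssignmentRequest);
        if (getHasAssignments === true) {
            logger.log({ ...loggingContext, message: 'assignment already made, skipping', method: 'createAndWait', createAssignmentRequest });
            return;
        }
        let creationStatus = response.AccountAssignmentCreationStatus;
        while (creationStatus && creationStatus.Status === 'IN_PROGRESS') {
            await sleep(2000);
            const describeCreateAssignmentRequest = { AccountAssignmentCreationRequestId: creationStatus.RequestId, InstanceArn: createAssignmentRequest.InstanceArn };
            const describeStatusResponse = await service.describeAccountAssignmentCreationStatus(describeCreateAssignmentRequest).promise();
            creationStatus = describeStatusResponse.AccountAssignmentCreationStatus;
        }
        logger.log({ ...loggingContext, method: 'after createAndWait', createAssignmentRequest, creationStatus });
        // Same guard as in deleteAndWait: a missing status is reported as a failure.
        if (!creationStatus || creationStatus.Status !== 'SUCCEEDED') {
            const failureReason = creationStatus ? creationStatus.FailureReason : 'no creation status returned';
            throw new exceptions.InternalFailure(
                `${failureReason}: ${createAssignmentRequest.PrincipalId}, ${createAssignmentRequest.TargetId} ${createAssignmentRequest.PermissionSetArn}`
            );
        }
    };

    // Set difference in both directions; `includes` compares entries by value,
    // which presumably relies on the comparables being strings (TODO confirm).
    const comparablesToDelete = previousComparables.filter((x) => !desiredCompareables.includes(x));
    const comparablesToCreate = desiredCompareables.filter((x) => !previousComparables.includes(x));
    logger.log({ ...loggingContext, method: 'compareCreateAndDelete', comparablesToDelete, comparablesToCreate });

    logger.log({ ...loggingContext, method: 'before deleting', comparablesToDelete });
    for (const deletable of comparablesToDelete) {
        // Deletions use the principal and instance of the previous model.
        const assignmentRequest: DeleteAccountAssignmentRequest = {
            ...splitComparable(deletable),
            InstanceArn: previousModel.instanceArn,
            PrincipalId: previousModel.principalId,
            PrincipalType: previousModel.principalType,
        };
        await retryCreateOrDeleteOperation(() => deleteAndWait(assignmentRequest), logger);
    }
    logger.log({ ...loggingContext, method: 'after deleting', comparablesToDelete });

    logger.log({ ...loggingContext, method: 'before creating', comparablesToCreate });
    for (const creatable of comparablesToCreate) {
        // Creations use the principal and instance of the desired model.
        const createAssignmentRequest: CreateAccountAssignmentRequest = {
            ...splitComparable(creatable),
            InstanceArn: desiredModel.instanceArn,
            PrincipalId: desiredModel.principalId,
            PrincipalType: desiredModel.principalType,
        };
        await retryCreateOrDeleteOperation(() => createAndWait(createAssignmentRequest), logger);
    }
    logger.log({ ...loggingContext, method: 'after creating', comparablesToCreate });
}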