-
Notifications
You must be signed in to change notification settings - Fork 14
/
Copy pathpolicy.go
241 lines (216 loc) · 6.82 KB
/
policy.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
package commands
import (
"fmt"
"regexp"
"strconv"
"strings"
"time"
"github.com/abiosoft/ishell"
)
const policyUsage string = `
policy usage: policy <name> [policies...]
Creates a named policy object to be used when creating or update parameters.
Separate multiple policies with spaces. Prints the named policy when no policy
objects are specified. Examples:
/> policy mypolicy Expiration(Timestamp=2018-12-02T21:34:33.000Z) ExpirationNotification(Before=14,Unit=days) NoChangeNotification(After=90,Unit=days)
/> policy mypolicy
Expiration(Timestamp=2018-12-02T21:34:33.000Z)
ExpirationNotification(Before=14,Unit=days)
NoChangeNotification(After=90,Unit=days)
/> policy policy1 Expiration(Timestamp=2018-12-02T21:34:33.000Z)
/> policy policy2 ExpirationNotification(Before=14,Unit=days) NoChangeNotification(After=90,Unit=days)
/> put name=/SomeParameter value=SomeValue type=string tier=advanced policies=[policy1,policy2]
See https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-policies.html
`
const (
ExpirationPolicy = "Expiration"
ExpirationNotificationPolicy = "ExpirationNotification"
NoChangeNotificationPolicy = "NoChangeNotification"
layout = "2006-01-02T15:04:05Z"
)
var policies = map[string]parameterPolicies{}
type Policies interface {
Print() string
}
type parameterPolicies struct {
expiration Expiration
expirationNotification []ExpirationNotification
noChangeNotification []NoChangeNotification
}
type Expiration struct {
Type string
Version string
Attributes ExpirationAttributes
}
type ExpirationAttributes struct {
Timestamp time.Time
}
type ExpirationNotification struct {
Type string
Version string
Attributes ExpirationNotificationAttributes
}
type ExpirationNotificationAttributes struct {
Before int
Unit string
}
type NoChangeNotification struct {
Type string
Version string
Attributes NoChangeNotificationAttributes
}
type NoChangeNotificationAttributes struct {
After int
Unit string
}
func policy(c *ishell.Context) {
if len(c.Args) == 1 {
err := printPolicy(c.Args[0])
if err != nil {
shell.Printf("Error: %s\n", err)
}
} else if len(c.Args) > 1 {
err := createPolicy(c.Args[0], c.Args[1:])
if err != nil {
shell.Printf("Error: %s\n", err)
}
} else {
shell.Println(policyUsage)
}
}
func printPolicy(policyName string) (err error) {
var policyPrinter strings.Builder
for pName, policy := range policies {
if pName == policyName {
fmt.Fprintf(&policyPrinter, "%s", policy.expiration.Print())
for _, e := range policy.expirationNotification {
fmt.Fprintf(&policyPrinter, "%s", e.Print())
}
for _, e := range policy.noChangeNotification {
fmt.Fprintf(&policyPrinter, "%s", e.Print())
}
}
}
shell.Print(policyPrinter.String())
return nil
}
func (exp Expiration) Print() string {
ts := exp.Attributes.Timestamp.Format(time.RFC3339)
var attrs []string
attrs = append(attrs, fmt.Sprintf("Timestamp=%s", ts))
return fmt.Sprintf("%s(%s)\n", ExpirationPolicy, strings.Join(attrs, ","))
}
func (exp ExpirationNotification) Print() string {
before := exp.Attributes.Before
unit := exp.Attributes.Unit
var attrs []string
attrs = append(attrs, fmt.Sprintf("Before=%d", before))
attrs = append(attrs, fmt.Sprintf("Unit=%s", unit))
return fmt.Sprintf("%s(%s)\n", ExpirationNotificationPolicy, strings.Join(attrs, ","))
}
func (nochange NoChangeNotification) Print() string {
after := nochange.Attributes.After
unit := nochange.Attributes.Unit
var attrs []string
attrs = append(attrs, fmt.Sprintf("After=%d", after))
attrs = append(attrs, fmt.Sprintf("Unit=%s", unit))
return fmt.Sprintf("%s(%s)\n", NoChangeNotificationPolicy, strings.Join(attrs, ","))
}
func createPolicy(policyName string, policyArgs []string) (err error) {
var policy parameterPolicies
for _, arg := range policyArgs {
re := regexp.MustCompile(`^([A-Za-z]+)\(([A-z0-9-:\.,=]+)\)`)
p := re.FindStringSubmatch(arg)
if len(p) != 3 {
return fmt.Errorf("unable to validate policy %s", arg)
}
policyType := p[1]
policyAttributes := p[2]
switch policyType {
case ExpirationPolicy:
p, err := parseExpiration(policyAttributes)
if err != nil {
return err
}
policy.expiration = *p
case ExpirationNotificationPolicy:
p, err := parseExpirationNotification(policyAttributes)
if err != nil {
return err
}
policy.expirationNotification = append(policy.expirationNotification, *p)
case NoChangeNotificationPolicy:
p, err := parseNoChangeNotification(policyAttributes)
if err != nil {
return err
}
policy.noChangeNotification = append(policy.noChangeNotification, *p)
default:
return fmt.Errorf("Unable to parse policy type %s with attributes %s", policyType, policyAttributes)
}
}
policies[policyName] = policy
return nil
}
// Expiration(Timestamp=2018-12-02T21:34:33.000Z)
func parseExpiration(attrArgs string) (expiration *Expiration, err error) {
var attributes ExpirationAttributes
parts := trim(strings.Split(attrArgs, ","))
for _, p := range parts {
attrArg := trim(strings.Split(p, "="))
switch strings.ToLower(attrArg[0]) {
case "timestamp":
str := attrArg[1]
attributes.Timestamp, err = time.Parse(layout, str)
if err != nil {
return nil, err
}
default:
return nil, fmt.Errorf("invalid %s attribute %s", ExpirationPolicy, p)
}
}
expiration = &Expiration{ExpirationPolicy, "1.0", attributes}
return expiration, nil
}
// ExpirationNotification(Before=14,Unit=days)
func parseExpirationNotification(attrArgs string) (expNotification *ExpirationNotification, err error) {
var attributes ExpirationNotificationAttributes
parts := trim(strings.Split(attrArgs, ","))
for _, p := range parts {
attrArg := trim(strings.Split(p, "="))
switch strings.ToLower(attrArg[0]) {
case "before":
attributes.Before, err = strconv.Atoi(attrArg[1])
if err != nil {
return nil, err
}
case "unit":
attributes.Unit = attrArg[1]
default:
return nil, fmt.Errorf("invalid %s attribute %s", ExpirationNotificationPolicy, p)
}
}
expNotification = &ExpirationNotification{ExpirationNotificationPolicy, "1.0", attributes}
return expNotification, nil
}
// NoChangeNotification(After=90,Unit=days)
func parseNoChangeNotification(attrArgs string) (noChange *NoChangeNotification, err error) {
var attributes NoChangeNotificationAttributes
parts := trim(strings.Split(attrArgs, ","))
for _, p := range parts {
attrArg := trim(strings.Split(p, "="))
switch strings.ToLower(attrArg[0]) {
case "after":
attributes.After, err = strconv.Atoi(attrArg[1])
if err != nil {
return nil, err
}
case "unit":
attributes.Unit = attrArg[1]
default:
return nil, fmt.Errorf("invalid %s attribute %s", NoChangeNotificationPolicy, p)
}
}
noChange = &NoChangeNotification{NoChangeNotificationPolicy, "1.0", attributes}
return noChange, nil
}