Simple script to lookup IAM resource conditions

iamlookup

#!/bin/bash

set -e
REPO_DIR=~/.iam_lookup/complete-aws-iam-reference
REPO_URL=https://github.com/widdix/complete-aws-iam-reference

if [[ $1 == "update" ]];then
  if [[ -e $REPO_DIR ]];then
    (cd "$REPO_DIR" && git pull)
  else
    git clone "$REPO_URL" "$REPO_DIR"
  fi
  exit
fi

service=$(cut -d ':' -f1 <<<"$1")
action=$(cut -d ':' -f2 <<<"$1")
resource_filter=$2

jq_filter=".[] | select(.service == \"$service\") | select(.action == \"$action\")"
[[ $resource_filter ]] && jq_filter="[$jq_filter | select(.resources[] | contains(\"$resource_filter\"))] | unique"
pushd "$REPO_DIR/tools" > /dev/null
  node ./md2json.js | jq --color-output "$jq_filter" | less
popd > /dev/null