From 8b4358684f87c4a3df2bd25f4617bdbc495d53cd Mon Sep 17 00:00:00 2001
From: optplx
Date: Sat, 7 Jan 2023 22:30:55 +0100
Subject: [PATCH] feat(iam-role): add properties to policies and instance profile)

---
 resources/iam-instance-profile-roles.go | 17 ++++++++++----
 resources/iam-role-policy-attachments.go | 23 ++++++++++--------
 resources/iam-role-policy.go | 17 ++++++++------
 resources/iam-roles.go | 30 +++++++++++++++---------
 4 files changed, 54 insertions(+), 33 deletions(-)

diff --git a/resources/iam-instance-profile-roles.go b/resources/iam-instance-profile-roles.go
index 30bcb206e..4033423e8 100644
--- a/resources/iam-instance-profile-roles.go
+++ b/resources/iam-instance-profile-roles.go
@@ -2,6 +2,7 @@ package resources
 
 import (
 "fmt"
+ "time"
 
 "github.com/aws/aws-sdk-go/aws/session"
 "github.com/aws/aws-sdk-go/service/iam"
@@ -11,7 +12,7 @@ import (
 
 type IAMInstanceProfileRole struct {
 svc *iam.IAM
- role string
+ role *iam.Role
 profile *iam.InstanceProfile
 }
 
@@ -43,13 +44,13 @@ func ListIAMInstanceProfileRoles(sess *session.Session) ([]Resource, error) {
 
 resources = append(resources, &IAMInstanceProfileRole{
 svc: svc,
- role: *outRole.RoleName,
+ role: outRole,
 profile: profile,
 })
 }
 }
 
- if *resp.IsTruncated == false {
+ if !*resp.IsTruncated {
 break
 }
 
@@ -63,7 +64,7 @@ func (e *IAMInstanceProfileRole) Remove() error {
 _, err := e.svc.RemoveRoleFromInstanceProfile(
 &iam.RemoveRoleFromInstanceProfileInput{
 InstanceProfileName: e.profile.InstanceProfileName,
- RoleName: &e.role,
+ RoleName: e.role.RoleName,
 })
 if err != nil {
 return err
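Review bot: In `ListIAMInstanceProfileRoles`, `role: outRole` now keeps the role object that came embedded in the instance profile, and the later `Properties()` hunk (`@@ -85,7 +86,13 @@`) reads `Tags`, `CreateDate` and `RoleLastUsed` from it. How `profile.Roles` was populated is outside this hunk; if that response carries only the basic role fields, the `role:` tag properties are silently absent and the last-used value is wrong or the helper panics. Since these properties are presumably what filters match on before `Remove()` runs, an incomplete role can make a tag-based exclusion miss. I would resolve the full role first, e.g. `full, err := svc.GetRole(&iam.GetRoleInput{RoleName: outRole.RoleName})` and store `full.Role`, or state in a comment on the struct field that `role` may be only partially populated. The function body starts and ends outside the hunk.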
@@ -85,7 +86,13 @@ func (e *IAMInstanceProfileRole) Properties() types.Properties {
 
 properties.
 Set("InstanceProfile", e.profile.InstanceProfileName).
- Set("InstanceRole", e.role)
+ Set("InstanceRole", e.role.RoleName).
+ Set("role:Path", e.role.Path).
+ Set("role:CreateDate", e.role.CreateDate.Format(time.RFC3339)).
+ Set("role:LastUsedDate", getLastUsedDate(e.role, time.RFC3339))
+ for _, tagValue := range e.role.Tags {
+ properties.SetTagWithPrefix("role", tagValue.Key, tagValue.Value)
+ }
 
 return properties
 }
diff --git a/resources/iam-role-policy-attachments.go b/resources/iam-role-policy-attachments.go
index 6982ee118..ca463e765 100644
--- a/resources/iam-role-policy-attachments.go
+++ b/resources/iam-role-policy-attachments.go
@@ -3,6 +3,7 @@ package resources
 import (
 "fmt"
 "strings"
+ "time"
 
 "github.com/aws/aws-sdk-go/aws/session"
 "github.com/aws/aws-sdk-go/service/iam"
@@ -14,8 +15,7 @@ type IAMRolePolicyAttachment struct {
 svc *iam.IAM
 policyArn string
 policyName string
- roleName string
- roleTags []*iam.Tag
+ role *iam.Role
 }
 
 func init() {
@@ -56,12 +56,11 @@ func ListIAMRolePolicyAttachments(sess *session.Session) ([]Resource, error) {
 svc: svc,
 policyArn: *pol.PolicyArn,
 policyName: *pol.PolicyName,
- roleName: *role.RoleName,
- roleTags: role.Tags,
+ role: role,
 })
 }
 
- if *polResp.IsTruncated == false {
+ if !*polResp.IsTruncated {
 break
 }
 
@@ -69,7 +68,7 @@ func ListIAMRolePolicyAttachments(sess *session.Session) ([]Resource, error) {
 }
 }
 
- if *roleResp.IsTruncated == false {
+ if !*roleResp.IsTruncated {
 break
 }
 
@@ -90,7 +89,7 @@ func (e *IAMRolePolicyAttachment) Remove() error {
 _, err := e.svc.DetachRolePolicy(
 &iam.DetachRolePolicyInput{
 PolicyArn: &e.policyArn,
- RoleName: &e.roleName,
+ RoleName: e.role.RoleName,
 })
 if err != nil {
 return err
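Review bot: The new property keys in `IAMInstanceProfileRole.Properties()` do not match the keys this commit uses for the same role fields elsewhere: `role:LastUsedDate` here, `role:LastUsed` in iam-role-policy.go (`@@ -101,11 +102,13 @@`), and `RoleLastUsed`/`RolePath`/`RoleCreateDate` in iam-role-policy-attachments.go (`@@ -101,15 +100,19 @@`). Anyone writing one filter rule across these resource types has to know three spellings, and a rule written against the wrong one presumably matches nothing without raising an error. I would settle on one scheme for the newly added keys, for example `role:Path`, `role:CreateDate` and `role:LastUsedDate` in all three files. `InstanceRole` also changes from a `string` to a `*string` argument; that looks fine since `Set` is already given `e.profile.InstanceProfileName` on the line above, but it is worth a test.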
@@ -101,15 +100,19 @@ func (e *IAMRolePolicyAttachment) Remove() error {
 
 func (e *IAMRolePolicyAttachment) Properties() types.Properties {
 properties := types.NewProperties().
- Set("RoleName", e.roleName).
+ Set("RoleName", e.role.RoleName).
+ Set("RolePath", e.role.Path).
+ Set("RoleLastUsed", getLastUsedDate(e.role, time.RFC3339)).
+ Set("RoleCreateDate", e.role.CreateDate.Format(time.RFC3339)).
 Set("PolicyName", e.policyName).
 Set("PolicyArn", e.policyArn)
- for _, tag := range e.roleTags {
+
+ for _, tag := range e.role.Tags {
 properties.SetTagWithPrefix("role", tag.Key, tag.Value)
 }
 return properties
 }
 
 func (e *IAMRolePolicyAttachment) String() string {
- return fmt.Sprintf("%s -> %s", e.roleName, e.policyName)
+ return fmt.Sprintf("%s -> %s", *e.role.RoleName, e.policyName)
 }
diff --git a/resources/iam-role-policy.go b/resources/iam-role-policy.go
index 6ad2f7f5e..312e4f90b 100644
--- a/resources/iam-role-policy.go
+++ b/resources/iam-role-policy.go
@@ -3,6 +3,7 @@ package resources
 import (
 "fmt"
 "strings"
+ "time"
 
 "github.com/sirupsen/logrus"
 
@@ -62,7 +63,7 @@ func ListIAMRolePolicies(sess *session.Session) ([]Resource, error) {
 })
 }
 
- if *policies.IsTruncated == false {
+ if !*policies.IsTruncated {
 break
 }
 
@@ -70,7 +71,7 @@ func ListIAMRolePolicies(sess *session.Session) ([]Resource, error) {
 }
 }
 
- if *roles.IsTruncated == false {
+ if !*roles.IsTruncated {
 break
 }
 
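Review bot: `e.role.CreateDate.Format(time.RFC3339)` in `Properties()` and `*e.role.RoleName` in `String()` both dereference SDK pointer fields with no nil check, so a role object missing either field panics while the resource is being rendered instead of being skipped. Before this change the name was copied out once at list time (`roleName: *role.RoleName`), so the failure point has moved from listing to every later `Properties()`/`String()` call. The same unguarded `CreateDate.Format` appears in the hunks at `@@ -85,7 +86,13 @@` and `@@ -101,11 +102,13 @@`. A small shared helper that returns an empty string for a nil `*time.Time` and `t.Format(layout)` otherwise would cover all three; for `String()`, `aws.StringValue(e.role.RoleName)` avoids the raw dereference if the `aws` package is imported in this file.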
@@ -101,11 +102,13 @@ func (e *IAMRolePolicy) Remove() error {
 }
 
 func (e *IAMRolePolicy) Properties() types.Properties {
- properties := types.NewProperties()
- properties.Set("PolicyName", e.policyName)
- properties.Set("role:RoleName", e.role.RoleName)
- properties.Set("role:RoleID", e.role.RoleId)
- properties.Set("role:Path", e.role.Path)
+ properties := types.NewProperties().
+ Set("PolicyName", e.policyName).
+ Set("role:RoleName", e.role.RoleName).
+ Set("role:RoleID", e.role.RoleId).
+ Set("role:Path", e.role.Path).
+ Set("role:LastUsed", getLastUsedDate(&e.role, time.RFC3339)).
+ Set("role:CreateDate", e.role.CreateDate.Format(time.RFC3339))
 
 for _, tagValue := range e.role.Tags {
 properties.SetTagWithPrefix("role", tagValue.Key, tagValue.Value)
diff --git a/resources/iam-roles.go b/resources/iam-roles.go
index 14ba91d9f..875f70ae6 100644
--- a/resources/iam-roles.go
+++ b/resources/iam-roles.go
@@ -59,7 +59,7 @@ func ListIAMRoles(sess *session.Session) ([]Resource, error) {
 })
 }
 
- if *resp.IsTruncated == false {
+ if !*resp.IsTruncated {
 break
 }
 
@@ -88,22 +88,30 @@ func (e *IAMRole) Remove() error {
 }
 
 func (role *IAMRole) Properties() types.Properties {
- properties := types.NewProperties()
+ properties := types.NewProperties().
+ Set("CreateDate", role.role.CreateDate.Format(time.RFC3339)).
+ Set("LastUsedDate", getLastUsedDate(role.role, time.RFC3339)).
+ Set("Name", role.name).
+ Set("Path", role.path)
+
 for _, tagValue := range role.role.Tags {
 properties.SetTag(tagValue.Key, tagValue.Value)
 }
- properties.Set("CreateDate", role.role.CreateDate.Format(time.RFC3339))
- if role.role.RoleLastUsed.LastUsedDate == nil {
- properties.Set("LastUsedDate", role.role.CreateDate.Format(time.RFC3339))
- } else {
- properties.Set("LastUsedDate", role.role.RoleLastUsed.LastUsedDate.Format(time.RFC3339))
- }
- properties.
- Set("Name", role.name).
- Set("Path", role.path)
+
 return properties
 }
 
 func (e *IAMRole) String() string {
 return e.name
 }
+
+func getLastUsedDate(role *iam.Role, format string) string {
+ var lastUsedDate *time.Time
+ if role.RoleLastUsed.LastUsedDate == nil {
+ lastUsedDate = role.CreateDate
+ } else {
+ lastUsedDate = role.RoleLastUsed.LastUsedDate
+ }
+
+ return lastUsedDate.Format(format)
+}
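Review bot: `getLastUsedDate` reads `role.RoleLastUsed.LastUsedDate` without checking `role.RoleLastUsed`, which is itself a pointer field on the SDK's `iam.Role`, and then calls `Format` on a `*time.Time` that is nil whenever `CreateDate` is also unset. That was contained while only `IAMRole` used this logic, but the commit now calls the helper from three more resource types whose role objects may be obtained differently (not visible here), so a nil there turns a listing run into a panic. The fallback to `CreateDate` also deserves a doc comment: a role that has never been used reports its creation time as its last-used date, which affects any age-based filter that decides what gets removed. A guarded version with that comment is below; returning an empty string for a missing date is my assumption about what `Set` handles best.

```go
// getLastUsedDate formats the time the role was last used. When IAM reports
// no usage it falls back to the role's CreateDate, so a never-used role
// appears "last used" at creation time. It returns "" when neither timestamp
// is available.
func getLastUsedDate(role *iam.Role, format string) string {
	if role == nil {
		return ""
	}
	if role.RoleLastUsed != nil && role.RoleLastUsed.LastUsedDate != nil {
		return role.RoleLastUsed.LastUsedDate.Format(format)
	}
	if role.CreateDate != nil {
		return role.CreateDate.Format(format)
	}
	return ""
}
```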