Merge master into feature/q-dev-execution

Author: aws-toolkit-automation

packages/core/src/awsService/accessanalyzer/vue/iamPolicyChecks.ts

@@ -179,7 +179,9 @@ export class IamPolicyChecksWebview extends VueWebview {
                             documentType,
                             inputPolicyType: policyType ? policyType : 'None',
                         })
-                        this.client.config.credentials = new SharedIniFileCredentials() // We need to detect changes in the user's credentials
+                        this.client.config.credentials = new SharedIniFileCredentials({
+                            profile: `${getProfileName()}`,
+                        }) // We need to detect changes in the user's credentials
                         this.client.validatePolicy(
                             {
                                 policyDocument: IamPolicyChecksWebview.editedDocument,
@@ -277,6 +279,8 @@ export class IamPolicyChecksWebview extends VueWebview {
                         `${this.region}`,
                         '--config',
                         `${globals.context.asAbsolutePath(defaultTerraformConfigPath)}`,
+                        '--profile',
+                        `${getProfileName()}`,
                     ]
                     await this.executeValidatePolicyCommand({
                         command,
@@ -297,7 +301,15 @@ export class IamPolicyChecksWebview extends VueWebview {
             case 'CloudFormation': {
                 if (isCloudFormationTemplate(document)) {
                     const command = 'cfn-policy-validator'
-                    const args = ['validate', '--template-path', `${document}`, '--region', `${this.region}`]
+                    const args = [
+                        'validate',
+                        '--template-path',
+                        `${document}`,
+                        '--region',
+                        `${this.region}`,
+                        '--profile',
+                        `${getProfileName()}`,
+                    ]
                     if (cfnParameterPath !== '') {
                         args.push('--template-configuration-file', `${cfnParameterPath}`)
                     }
@@ -357,6 +369,8 @@ export class IamPolicyChecksWebview extends VueWebview {
                         `${tempFilePath}`,
                         '--reference-policy-type',
                         `${policyType}`,
+                        '--profile',
+                        `${getProfileName()}`,
                     ]
                     await this.executeCustomPolicyChecksCommand({
                         command,
@@ -388,6 +402,8 @@ export class IamPolicyChecksWebview extends VueWebview {
                         `${tempFilePath}`,
                         '--reference-policy-type',
                         `${policyType}`,
+                        '--profile',
+                        `${getProfileName()}`,
                     ]
                     if (cfnParameterPath !== '') {
                         args.push('--template-configuration-file', `${cfnParameterPath}`)
@@ -448,6 +464,8 @@ export class IamPolicyChecksWebview extends VueWebview {
                         `${this.region}`,
                         '--config',
                         `${globals.context.asAbsolutePath(defaultTerraformConfigPath)}`,
+                        '--profile',
+                        `${getProfileName()}`,
                     ]
                     if (actions !== '') {
                         args.push('--actions', `${actions}`)
@@ -480,6 +498,8 @@ export class IamPolicyChecksWebview extends VueWebview {
                         `${document}`,
                         '--region',
                         `${this.region}`,
+                        '--profile',
+                        `${getProfileName()}`,
                     ]
                     if (actions !== '') {
                         args.push('--actions', `${actions}`)
@@ -525,6 +545,8 @@ export class IamPolicyChecksWebview extends VueWebview {
                         `${this.region}`,
                         '--config',
                         `${globals.context.asAbsolutePath(defaultTerraformConfigPath)}`,
+                        '--profile',
+                        `${getProfileName()}`,
                     ]
                     await this.executeCustomPolicyChecksCommand({
                         command,
@@ -551,6 +573,8 @@ export class IamPolicyChecksWebview extends VueWebview {
                         `${document}`,
                         '--region',
                         `${this.region}`,
+                        '--profile',
+                        `${getProfileName()}`,
                     ]
                     if (cfnParameterPath !== '') {
                         args.push('--template-configuration-file', `${cfnParameterPath}`)
@@ -925,6 +949,11 @@ export function isJsonPolicyLanguage(document: string) {
     return policyLanguageFileTypes.some((t) => document.endsWith(t))
 }
 
+export function getProfileName(): string | undefined {
+    // We neeed to split the name on 'profile:' to extract the correct profile name
+    return globals.awsContext.getCredentialProfileName()?.split('profile:')[1]
+}
+
 export class PolicyChecksError extends ToolkitError {
     constructor(message: string, code: PolicyChecksErrorCode) {
         super(message, { code })

packages/core/src/test/awsService/accessanalyzer/iamPolicyChecks.test.ts

@@ -155,6 +155,8 @@ describe('validatePolicy', function () {
                 'us-east-1',
                 '--config',
                 `${globals.context.asAbsolutePath(defaultTerraformConfigPath)}`,
+                '--profile',
+                'undefined',
             ],
             cfnParameterPathExists: false,
             documentType,
@@ -180,6 +182,8 @@ describe('validatePolicy', function () {
                 IamPolicyChecksWebview.editedDocumentFileName,
                 '--region',
                 'us-east-1',
+                '--profile',
+                'undefined',
                 '--template-configuration-file',
                 cfnParameterPath,
             ],
@@ -449,6 +453,8 @@ describe('customChecks', function () {
                     'us-east-1',
                     '--config',
                     `${globals.context.asAbsolutePath(defaultTerraformConfigPath)}`,
+                    '--profile',
+                    'undefined',
                     '--actions',
                     'action1action2',
                     '--resources',
@@ -486,6 +492,8 @@ describe('customChecks', function () {
                     document,
                     '--region',
                     'us-east-1',
+                    '--profile',
+                    'undefined',
                     '--actions',
                     'action1action2',
                     '--resources',
@@ -548,6 +556,8 @@ describe('customChecks', function () {
                     'us-east-1',
                     '--config',
                     `${globals.context.asAbsolutePath(defaultTerraformConfigPath)}`,
+                    '--profile',
+                    'undefined',
                 ],
                 cfnParameterPathExists: !!cfnParameterPath,
                 documentType,
@@ -579,6 +589,8 @@ describe('customChecks', function () {
                     document,
                     '--region',
                     'us-east-1',
+                    '--profile',
+                    'undefined',
                     '--template-configuration-file',
                     cfnParameterPath,
                 ],

packages/toolkit/.changes/next-release/Bug Fix-2a3bed78-156a-4391-b79d-225ae6d98939.json

@@ -0,0 +1,4 @@
+{
+	"type": "Bug Fix",
+	"description": "Policy Checks selected profile is always default"
+}