diff --git a/packages/core/src/awsService/accessanalyzer/vue/iamPolicyChecks.ts b/packages/core/src/awsService/accessanalyzer/vue/iamPolicyChecks.ts index f6cc5e8cf18..6123e45f59a 100644 --- a/packages/core/src/awsService/accessanalyzer/vue/iamPolicyChecks.ts +++ b/packages/core/src/awsService/accessanalyzer/vue/iamPolicyChecks.ts @@ -179,7 +179,9 @@ export class IamPolicyChecksWebview extends VueWebview { documentType, inputPolicyType: policyType ? policyType : 'None', }) - this.client.config.credentials = new SharedIniFileCredentials() // We need to detect changes in the user's credentials + this.client.config.credentials = new SharedIniFileCredentials({ + profile: `${getProfileName()}`, + }) // We need to detect changes in the user's credentials this.client.validatePolicy( { policyDocument: IamPolicyChecksWebview.editedDocument, @@ -277,6 +279,8 @@ export class IamPolicyChecksWebview extends VueWebview { `${this.region}`, '--config', `${globals.context.asAbsolutePath(defaultTerraformConfigPath)}`, + '--profile', + `${getProfileName()}`, ] await this.executeValidatePolicyCommand({ command, @@ -297,7 +301,15 @@ export class IamPolicyChecksWebview extends VueWebview { case 'CloudFormation': { if (isCloudFormationTemplate(document)) { const command = 'cfn-policy-validator' - const args = ['validate', '--template-path', `${document}`, '--region', `${this.region}`] + const args = [ + 'validate', + '--template-path', + `${document}`, + '--region', + `${this.region}`, + '--profile', + `${getProfileName()}`, + ] if (cfnParameterPath !== '') { args.push('--template-configuration-file', `${cfnParameterPath}`) } @@ -357,6 +369,8 @@ export class IamPolicyChecksWebview extends VueWebview { `${tempFilePath}`, '--reference-policy-type', `${policyType}`, + '--profile', + `${getProfileName()}`, ] await this.executeCustomPolicyChecksCommand({ command, @@ -388,6 +402,8 @@ export class IamPolicyChecksWebview extends VueWebview { `${tempFilePath}`, '--reference-policy-type', `${policyType}`, + '--profile', + `${getProfileName()}`, ] if (cfnParameterPath !== '') { args.push('--template-configuration-file', `${cfnParameterPath}`) @@ -448,6 +464,8 @@ export class IamPolicyChecksWebview extends VueWebview { `${this.region}`, '--config', `${globals.context.asAbsolutePath(defaultTerraformConfigPath)}`, + '--profile', + `${getProfileName()}`, ] if (actions !== '') { args.push('--actions', `${actions}`) @@ -480,6 +498,8 @@ export class IamPolicyChecksWebview extends VueWebview { `${document}`, '--region', `${this.region}`, + '--profile', + `${getProfileName()}`, ] if (actions !== '') { args.push('--actions', `${actions}`) @@ -525,6 +545,8 @@ export class IamPolicyChecksWebview extends VueWebview { `${this.region}`, '--config', `${globals.context.asAbsolutePath(defaultTerraformConfigPath)}`, + '--profile', + `${getProfileName()}`, ] await this.executeCustomPolicyChecksCommand({ command, @@ -551,6 +573,8 @@ export class IamPolicyChecksWebview extends VueWebview { `${document}`, '--region', `${this.region}`, + '--profile', + `${getProfileName()}`, ] if (cfnParameterPath !== '') { args.push('--template-configuration-file', `${cfnParameterPath}`) @@ -925,6 +949,11 @@ export function isJsonPolicyLanguage(document: string) { return policyLanguageFileTypes.some((t) => document.endsWith(t)) } +export function getProfileName(): string | undefined { + // We neeed to split the name on 'profile:' to extract the correct profile name + return globals.awsContext.getCredentialProfileName()?.split('profile:')[1] +} + export class PolicyChecksError extends ToolkitError { constructor(message: string, code: PolicyChecksErrorCode) { super(message, { code }) diff --git a/packages/core/src/test/awsService/accessanalyzer/iamPolicyChecks.test.ts b/packages/core/src/test/awsService/accessanalyzer/iamPolicyChecks.test.ts index 37c6d0fe649..8c3d9d0ddbc 100644 --- a/packages/core/src/test/awsService/accessanalyzer/iamPolicyChecks.test.ts +++ b/packages/core/src/test/awsService/accessanalyzer/iamPolicyChecks.test.ts @@ -155,6 +155,8 @@ describe('validatePolicy', function () { 'us-east-1', '--config', `${globals.context.asAbsolutePath(defaultTerraformConfigPath)}`, + '--profile', + 'undefined', ], cfnParameterPathExists: false, documentType, @@ -180,6 +182,8 @@ describe('validatePolicy', function () { IamPolicyChecksWebview.editedDocumentFileName, '--region', 'us-east-1', + '--profile', + 'undefined', '--template-configuration-file', cfnParameterPath, ], @@ -449,6 +453,8 @@ describe('customChecks', function () { 'us-east-1', '--config', `${globals.context.asAbsolutePath(defaultTerraformConfigPath)}`, + '--profile', + 'undefined', '--actions', 'action1action2', '--resources', @@ -486,6 +492,8 @@ describe('customChecks', function () { document, '--region', 'us-east-1', + '--profile', + 'undefined', '--actions', 'action1action2', '--resources', @@ -548,6 +556,8 @@ describe('customChecks', function () { 'us-east-1', '--config', `${globals.context.asAbsolutePath(defaultTerraformConfigPath)}`, + '--profile', + 'undefined', ], cfnParameterPathExists: !!cfnParameterPath, documentType, @@ -579,6 +589,8 @@ describe('customChecks', function () { document, '--region', 'us-east-1', + '--profile', + 'undefined', '--template-configuration-file', cfnParameterPath, ], diff --git a/packages/toolkit/.changes/next-release/Bug Fix-2a3bed78-156a-4391-b79d-225ae6d98939.json b/packages/toolkit/.changes/next-release/Bug Fix-2a3bed78-156a-4391-b79d-225ae6d98939.json new file mode 100644 index 00000000000..151c67e2e52 --- /dev/null +++ b/packages/toolkit/.changes/next-release/Bug Fix-2a3bed78-156a-4391-b79d-225ae6d98939.json @@ -0,0 +1,4 @@ +{ + "type": "Bug Fix", + "description": "Policy Checks selected profile is always default" +}