🔥

memo

2024/12/25に公開

abac
PrincipalTagじゃないと機能しないので注意

//create iam role: switch role for manager
    const iamRoleCdkDeploy = new iam.Role(this, 'iamRoleCdkDeploy', {
      roleName: 'pan-iam-role-switch-cdk-deploy-all',
      assumedBy: new iam.PrincipalWithConditions(
        new iam.AccountRootPrincipal(), // AWS アカウント全体を指定
        {
          'StringEquals': {
            'aws:PrincipalTag/CdkDeploy': 'Enable'  // タグ制御
          }
        }
      ),
    });
#!/bin/bash

output_file="output.csv"
temp_file="temp_output.csv"

echo "Name, Alarm Arn" > "${temp_file}"

for file in $(\find ./alarms/*.eml); do
  alarm_name=$(grep "^- Name:" "${file}" | sed 's/^- Name:\s*//' | tr -d '\r')
  echo "$alarm_name"
  alarm_arn=$(grep "^- Alarm Arn:" "${file}" | sed 's/^- Alarm Arn:\s*//')
  echo "${alarm_arn}"
  
  if [[ -n $alarm_name && -n $alarm_arn ]]; then
    echo "$alarm_name, $alarm_arn" >> "${temp_file}"
  fi
done

sort "${temp_file}" | uniq > "${output_file}"
# shellcheck disable=SC1079
rm "${temp_file}"

echo "CSVファイルができたよ"

Discussion