feat(iamRole): Add lastUsedDate

Author: M1kep

src/services/iamRole/data.ts

@@ -5,7 +5,7 @@ import isEmpty from 'lodash/isEmpty'
 import { AWSError } from 'aws-sdk/lib/error'
 
 import IAM, {
-  AttachedPolicy,
+  AttachedPolicy, GetRoleResponse,
   ListAttachedRolePoliciesResponse,
   ListRolePoliciesResponse,
   ListRolesResponse,
@@ -43,6 +43,35 @@ export interface RawAwsIamRole extends Omit<Role, 'Tags'> {
   Tags?: TagMap
 }
 
+const roleByRoleName = async (
+    iam: IAM,
+    { RoleName }: Role
+): Promise<{RoleName: string; Role: Role}> =>
+    new Promise(resolve => {
+        iam.getRole(
+            { RoleName },
+            (err: AWSError, data: GetRoleResponse) => {
+                if (err) {
+                    errorLog.generateAwsErrorLog({
+                        err,
+                        functionName: 'iam:getRole',
+                    })
+                }
+
+                if (!isEmpty(data)) {
+                    const {Role} = data
+
+                    resolve({
+                        RoleName,
+                        Role,
+                    })
+                }
+
+                resolve(null)
+            }
+        )
+    })
+
 const tagsByRoleName = async (
   iam: IAM,
   { RoleName }: Role
@@ -136,6 +165,7 @@ export const listIamRoles = async (
     const policiesByRoleNamePromises = []
     const tagsByRoleNamePromises = []
     const managedPoliciesByRoleNamePromises = []
+    const roleByRoleNamePromises: Promise<{RoleName: string; Role: Role}>[] = []
 
     iam.listRoles(
       { Marker: marker },
@@ -155,13 +185,15 @@ export const listIamRoles = async (
             managedPoliciesByRoleNamePromises.push(
               managedPoliciesByRoleName(iam, role)
             )
+            roleByRoleNamePromises.push(roleByRoleName(iam, role))
           })
 
           const tags = await Promise.all(tagsByRoleNamePromises)
           const policies = await Promise.all(policiesByRoleNamePromises)
           const managedPolicies = await Promise.all(
             managedPoliciesByRoleNamePromises
           )
+          const detailedRoles = await Promise.all(roleByRoleNamePromises)
 
           result.push(
             ...roles.map(
@@ -173,6 +205,7 @@ export const listIamRoles = async (
                   ),
                   ...role,
                   region: globalRegionName,
+                  RoleLastUsed: detailedRoles?.find(r => r.RoleName === RoleName)?.Role.RoleLastUsed,
                   Policies:
                     policies
                       ?.filter(p => p?.RoleName === RoleName)

src/services/iamRole/format.ts

@@ -21,6 +21,7 @@ export default ({
     Path: path = '',
     CreateDate: createdAt,
     Description: description = '',
+    RoleLastUsed,
     AssumeRolePolicyDocument: assumeRolePolicy = '',
     MaxSessionDuration: maxSessionDuration = 0,
     Policies: inlinePolicies = [],
@@ -38,6 +39,7 @@ export default ({
     path,
     createdAt: createdAt?.toISOString() || '',
     description,
+    lastUsedDate: RoleLastUsed?.LastUsedDate?.toISOString() || null,
     rawPolicy: assumeRolePolicy,
     assumeRolePolicy: formatIamJsonPolicy(assumeRolePolicy),
     maxSessionDuration,

src/services/iamRole/schema.graphql

@@ -5,6 +5,7 @@ type awsIamRole implements awsBaseService @key(fields: "id") {
   assumeRolePolicy: awsIamJSONPolicy
   description: String @search(by: [hash, regexp])
   createdAt: String @search(by: [hash, regexp])
+  lastUsedDate: DateTime @search(by: [day])
   maxSessionDuration: Int @search
   tags: [awsRawTag]
   inlinePolicies: [String]

src/types/generated.ts

@@ -3182,6 +3182,7 @@ export type AwsIamRole = AwsBaseService & {
   inlinePolicies?: Maybe<Array<Maybe<Scalars['String']>>>;
   kinesisFirehose?: Maybe<Array<Maybe<AwsKinesisFirehose>>>;
   lambda?: Maybe<Array<Maybe<AwsLambda>>>;
+  lastUsedDate?: Maybe<Scalars['DateTime']>;
   managedAirflows?: Maybe<Array<Maybe<AwsManagedAirflow>>>;
   maxSessionDuration?: Maybe<Scalars['Int']>;
   name?: Maybe<Scalars['String']>;