in tflint-ruleset-aws-serverless/rules/aws_iam_role_lambda_no_star.go [70:104]
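// matchPrincipal reports whether the role's assume-role policy — the
// evaluated `policy` attribute, expected to hold a JSON document that
// decodes into awsIamAssumeRole — names one of r.principalNames as a
// "Service" principal of any statement.
//
// IAM allows "Principal": {"Service": ...} to be either a single string or
// an array of strings; both forms are checked. An error is returned when the
// expression cannot be evaluated or the value is not valid JSON for
// awsIamAssumeRole. A false result means the rule will not inspect this role,
// so a missed match is a silent false negative for the lint check.
func (r *AwsIamRoleLambdaNoStarRule) matchPrincipal(runner tflint.Runner, policy *hcl.Attribute) (bool, error) {
	var assumeAttrValue string
	if err := runner.EvaluateExpr(policy.Expr, &assumeAttrValue, nil); err != nil {
		return false, err
	}

	assumeRolePolicy := awsIamAssumeRole{}
	if err := json.Unmarshal([]byte(assumeAttrValue), &assumeRolePolicy); err != nil {
		return false, err
	}

	for _, statement := range assumeRolePolicy.Statement {
		principalService, ok := statement.Principal["Service"]
		if !ok {
			continue
		}
		switch service := principalService.(type) {
		case string:
			for _, name := range r.principalNames {
				if service == name {
					return true, nil
				}
			}
		case []interface{}:
			// json.Unmarshal decodes a JSON array into []interface{} when the
			// destination map value type is interface{} (presumably the case
			// for statement.Principal, since a type switch requires an
			// interface value). The original code only had a []string arm,
			// which never fires for decoded JSON, so policies trusting several
			// services (e.g. ["lambda.amazonaws.com", "..."]) were never matched.
			for _, elem := range service {
				s, isString := elem.(string)
				if !isString {
					continue
				}
				for _, name := range r.principalNames {
					if s == name {
						return true, nil
					}
				}
			}
		case []string:
			// Kept for compatibility with any caller that supplies an
			// already-typed slice (e.g. a custom UnmarshalJSON on the statement).
			for _, s := range service {
				for _, name := range r.principalNames {
					if s == name {
						return true, nil
					}
				}
			}
		}
	}
	return false, nil
}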