in internal/resources/providers/awslib/iam/user.go [226:279]
func (p Provider) getCredentialReport(ctx context.Context) (map[string]*CredentialReport, error) {
report, err := p.client.GetCredentialReport(ctx, &iamsdk.GetCredentialReportInput{})
if err != nil {
var awsFailErr *types.ServiceFailureException
if errors.As(err, &awsFailErr) {
return nil, fmt.Errorf("could not gather aws iam credential report: %w", err)
}
// if we have an error, and it is not a server err we generate a report
var apiErr smithy.APIError
if errors.As(err, &apiErr) {
if apiErr.ErrorCode() == "ReportNotPresent" || apiErr.ErrorCode() == "ReportExpired" {
// generate a new report
_, err = p.client.GenerateCredentialReport(ctx, &iamsdk.GenerateCredentialReportInput{})
if err != nil {
return nil, fmt.Errorf("failed to generate credential report: %w", err)
}
}
}
// loop until max retries or till the report is ready
countRetries := 0
report, err = p.client.GetCredentialReport(ctx, &iamsdk.GetCredentialReportInput{})
if errors.As(err, &apiErr) {
for apiErr.ErrorCode() == "NoSuchEntity" || apiErr.ErrorCode() == "ReportInProgress" {
if countRetries >= maxRetries {
return nil, fmt.Errorf("reached max retries: %w", err)
}
report, err = p.client.GetCredentialReport(ctx, &iamsdk.GetCredentialReportInput{})
if err == nil {
break
}
countRetries++
time.Sleep(interval)
}
}
}
if report == nil {
if err != nil {
return nil, fmt.Errorf("could not gather aws iam credential report: %w", err)
}
return nil, nil
}
parsedReport, err := parseCredentialsReport(report)
if err != nil {
return nil, fmt.Errorf("fail to parse credentials report: %w", err)
}
return parsedReport, nil
}