in configTools/src/main/scala/com/gu/janus/config/Loader.scala [61:92]
private[config] def loadPermissions(
config: Config,
accounts: Set[AwsAccount]
): Either[String, Set[Permission]] = {
for {
configuredPermissions <- config
.as[ConfiguredPermissions]("janus")
.left
.map(err =>
s"Failed to load permissions from path `janus`: ${err.getMessage}"
)
permissions <- configuredPermissions.permissions.traverse {
configuredPermission =>
for {
account <- accounts
.find(_.authConfigKey == configuredPermission.account)
.toRight(
s"Account `${configuredPermission.account}` is referenced in a permission (${configuredPermission.label}) but is not defined in the list of AwsAccounts"
)
} yield {
Permission(
account = account,
label = configuredPermission.label,
description = configuredPermission.description,
policy = configuredPermission.policy,
managedPolicyArns = configuredPermission.managedPolicyArns,
shortTerm = configuredPermission.shortTerm
)
}
}
} yield permissions.toSet
}