1 | exports.types = {
|
2 | ResourceArn: {
|
3 | type: 'String',
|
4 | },
|
5 | Tags: {
|
6 | type: 'List',
|
7 | children: {
|
8 | type: 'ValueStruct<Tag>',
|
9 | children: {
|
10 | Key: 'String',
|
11 | Value: 'String',
|
12 | },
|
13 | },
|
14 | },
|
15 | }
|
16 |
|
17 | exports.custom = function(data, store) {
|
18 | if (data.ResourceArn == null) {
|
19 | return 'Invalid TableArn'
|
20 | }
|
21 |
|
22 | if (!/^.+:.+:.+:.+:.+:.+\/.+$/.test(data.ResourceArn)) {
|
23 | var username = 'dynalite'
|
24 |
|
25 | var accessDeniedError = new Error
|
26 | accessDeniedError.statusCode = 400
|
27 | accessDeniedError.body = {
|
28 | __type: 'com.amazon.coral.service#AccessDeniedException',
|
29 | Message: 'User: arn:aws:iam::' + store.tableDb.awsAccountId + ':' + username + ' is not authorized to perform: ' +
|
30 | 'dynamodb:TagResource on resource: ' + (data.ResourceArn || '*'),
|
31 | }
|
32 | throw accessDeniedError
|
33 | }
|
34 |
|
35 | if (data.Tags == null) {
|
36 | return '1 validation error detected: Value null at \'tags\' failed to satisfy constraint: Member must not be null'
|
37 | }
|
38 |
|
39 | if (!/^arn:aws:dynamodb:.+:\d+:table\/[^/]{2}[^/]+$/.test(data.ResourceArn)) {
|
40 | return 'Invalid TableArn: Invalid ResourceArn provided as input ' + data.ResourceArn
|
41 | }
|
42 |
|
43 | if (!data.Tags.length) {
|
44 | return 'Atleast one Tag needs to be provided as Input.'
|
45 | }
|
46 | }
|