1 | exports.types = {
|
2 | ResourceArn: {
|
3 | type: 'String',
|
4 | },
|
5 | TagKeys: {
|
6 | type: 'List',
|
7 | children: 'String',
|
8 | },
|
9 | }
|
10 |
|
11 | exports.custom = function(data, store) {
|
12 | if (data.ResourceArn == null) {
|
13 | return 'Invalid TableArn'
|
14 | }
|
15 |
|
16 | if (!/^.+:.+:.+:.+:.+:.+\/.+$/.test(data.ResourceArn)) {
|
17 | var username = 'dynalite'
|
18 |
|
19 | var accessDeniedError = new Error
|
20 | accessDeniedError.statusCode = 400
|
21 | accessDeniedError.body = {
|
22 | __type: 'com.amazon.coral.service#AccessDeniedException',
|
23 | Message: 'User: arn:aws:iam::' + store.tableDb.awsAccountId + ':' + username + ' is not authorized to perform: ' +
|
24 | 'dynamodb:UntagResource on resource: ' + (data.ResourceArn || '*'),
|
25 | }
|
26 | throw accessDeniedError
|
27 | }
|
28 |
|
29 | if (data.TagKeys == null) {
|
30 | return '1 validation error detected: Value null at \'tagKeys\' failed to satisfy constraint: Member must not be null'
|
31 | }
|
32 |
|
33 | if (!/^arn:aws:dynamodb:.+:\d+:table\/[^/]{2}[^/]+$/.test(data.ResourceArn)) {
|
34 | return 'Invalid TableArn: Invalid ResourceArn provided as input ' + data.ResourceArn
|
35 | }
|
36 |
|
37 | if (!data.TagKeys.length) {
|
38 | return 'Atleast one Tag Key needs to be provided as Input.'
|
39 | }
|
40 | }
|