save IAM export assets relative at a folder prefix (#15355)

2025-01-11 15:03:22 -05:00 · 2022-07-21 17:51:33 -07:00 · 2022-07-21 17:51:33 -07:00 · 7560fb6f9a
commit 7560fb6f9a
parent 2fddcc6a11
1 changed files with 13 additions and 10 deletions
--- a/cmd/admin-handlers-users.go
+++ b/cmd/admin-handlers-users.go
@ -1543,6 +1543,7 @@ const (
 	groupPolicyMappingsFile    = "group_mappings.json"
 	stsUserPolicyMappingsFile  = "stsuser_mappings.json"
 	stsGroupPolicyMappingsFile = "stsgroup_mappings.json"
 	iamAssetsDir               = "iam-assets"
 )
 // ExportIAMHandler - exports all iam info as a zipped file
@ -1594,8 +1595,9 @@ func (a adminAPIHandlers) ExportIAM(w http.ResponseWriter, r *http.Request) {
 		stsUserPolicyMappingsFile,
 		stsGroupPolicyMappingsFile,
 	}
-	for _, iamFile := range iamFiles {
+	for _, f := range iamFiles {
-		switch iamFile {
+		iamFile := pathJoin(iamAssetsDir, f)
 		switch f {
 		case allPoliciesFile:
 			allPolicies, err := globalIAMSys.ListPolicies(ctx, "")
 			if err != nil {
@ -1821,7 +1823,8 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 	}
 	// import policies first
 	{
-		f, err := zr.Open(allPoliciesFile)
+
 		f, err := zr.Open(pathJoin(iamAssetsDir, allPoliciesFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@ -1856,7 +1859,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 	// import users
 	{
-		f, err := zr.Open(allUsersFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, allUsersFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@ -1933,7 +1936,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 	// import groups
 	{
-		f, err := zr.Open(allGroupsFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, allGroupsFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@ -1971,7 +1974,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 	// import service accounts
 	{
-		f, err := zr.Open(allSvcAcctsFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, allSvcAcctsFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@ -2067,7 +2070,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 	// import user policy mappings
 	{
-		f, err := zr.Open(userPolicyMappingsFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, userPolicyMappingsFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@ -2106,7 +2109,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 	// import group policy mappings
 	{
-		f, err := zr.Open(groupPolicyMappingsFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, groupPolicyMappingsFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@ -2135,7 +2138,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 	// import sts user policy mappings
 	{
-		f, err := zr.Open(stsUserPolicyMappingsFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, stsUserPolicyMappingsFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil:
@ -2174,7 +2177,7 @@ func (a adminAPIHandlers) ImportIAM(w http.ResponseWriter, r *http.Request) {
 	// import sts group policy mappings
 	{
-		f, err := zr.Open(stsGroupPolicyMappingsFile)
+		f, err := zr.Open(pathJoin(iamAssetsDir, stsGroupPolicyMappingsFile))
 		switch {
 		case errors.Is(err, os.ErrNotExist):
 		case err != nil: