From 18436fe3cd93c59f9cd1dd94e121eb8df38c49d8 Mon Sep 17 00:00:00 2001
From: Daniel Leavitt
Date: Wed, 28 Aug 2024 17:45:26 -0700
Subject: [PATCH] Add secretsmanager

At least for the secrets in my account, the resource segment of the ARN has an extra trailing "-xyZ12" piece that isn't part of the secret name and can't be included in the console URL. For now just throwing an error if that suffix is missing, but please update / LMK if there are secrets without the suffix in the ARN and what their console URLs are so we can make the helper work for them.
---
 link2aws.js | 12 +++++++++++-
 testcases/aws-negative.json | 3 ++-
 testcases/aws.json | 3 ++-
 3 files changed, 15 insertions(+), 3 deletions(-)

diff --git a/link2aws.js b/link2aws.js
index 13ba1a6..3062f47 100644
--- a/link2aws.js
+++ b/link2aws.js
@@ -978,7 +978,17 @@ class ARN {
 "domain": null,
 },
 "secretsmanager": { // AWS Secrets Manager
- "secret": null,
+ "secret": () => {
+ if (this.resource.indexOf("-") === -1) {
+ // all the secrets I've seen have a "-" delimited suffix
+ // in the ARN that isn't part of the secret name. For
+ // now just throwing if the suffix is missing, please
+ // update if needed.
+ throw Error(`Secret ARN for ${this.resource} missing suffix`);
+ }
+ const name = this.resource.split('-').slice(0, -1).join('-');
+ return `https://${this.region}.${this.console}/${this.service}/${this.resource_type}?name=${name}`;
+ },
 },
 "securityhub": { // AWS Security Hub
 "hub": null,
diff --git a/testcases/aws-negative.json b/testcases/aws-negative.json
index 21c1b3b..4d05058 100644
--- a/testcases/aws-negative.json
+++ b/testcases/aws-negative.json
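Review bot: The secret name goes into the query string unencoded on the added `return` line, and the guard above it only checks that some `-` exists in `this.resource`. Secrets Manager names may contain `/_+=.@-`, so a `+` or `=` in the name reaches the console as a different value, and a suffix-less ARN for a hyphenated name such as `my-secret` passes the guard and is silently cut to `my`, producing a link to a different secret instead of an error. Matching the hyphen-plus-six-character suffix that Secrets Manager appends and encoding the result covers both: `const m = /^(.+)-[A-Za-z0-9]{6}$/.exec(this.resource);`, then `if (!m) throw new Error(...)` with the existing message, and `?name=${encodeURIComponent(m[1])}` in the URL. Whether the ARN parser already restricts the characters allowed in `this.resource` is not visible here; class ARN starts and ends outside the hunk.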
@@ -38,5 +38,6 @@
 "arn:aws:ec2:us-ea st-1:123456789012:instance/asdf",
 "arn:aws:ec2:us-ea*st-1:123456789012:instance/asdf",
 "arn:aws:ec2:us-ea#st-1:123456789012:instance/asdf",
- "arn:aws:ec2:us-ea\\st-1:123456789012:instance/asdf"
+ "arn:aws:ec2:us-ea\\st-1:123456789012:instance/asdf",
+ "arn:aws:secretsmanager:us-west-2:123456789012:secret:MySecret9A3F29"
 ]
\ No newline at end of file
diff --git a/testcases/aws.json b/testcases/aws.json
index 368f019..515d36b 100644
--- a/testcases/aws.json
+++ b/testcases/aws.json
@@ -86,6 +86,7 @@
 "arn:aws:firehose:us-east-1:123456789012:deliverystream/test-stream": "https://console.aws.amazon.com/firehose/home?region=us-east-1#/details/test-stream/monitoring",
 "arn:aws:codeconnections:us-west-2:384862141196:connection/f8234ecc-8990-4e63-b25a-ec36764b7701": "https://us-west-2.console.aws.amazon.com/codesuite/settings/384862141196/us-west-2/codeconnections/connections/f8234ecc-8990-4e63-b25a-ec36764b7701",
- "arn:aws:codestar-connections:us-west-2:384862141196:connection/f8234ecc-8990-4e63-b25a-ec36764b7701": "https://us-west-2.console.aws.amazon.com/codesuite/settings/384862141196/us-west-2/codestar-connections/connections/f8234ecc-8990-4e63-b25a-ec36764b7701"
+ "arn:aws:codestar-connections:us-west-2:384862141196:connection/f8234ecc-8990-4e63-b25a-ec36764b7701": "https://us-west-2.console.aws.amazon.com/codesuite/settings/384862141196/us-west-2/codestar-connections/connections/f8234ecc-8990-4e63-b25a-ec36764b7701",
+ "arn:aws:secretsmanager:us-west-2:123456789012:secret:MySecret9A3F29-vdHtS43BP1i1-knwb3S": "https://us-west-2.console.aws.amazon.com/secretsmanager/secret?name=MySecret9A3F29-vdHtS43BP1i1"
 }
\ No newline at end of file