PanosGreg · May 9, 2025 08:45
diff --git a/Get-AmazonApiOperation.ps1 b/Get-AmazonApiOperation.ps1
 function Get-AmazonApiOperation {
 <#
 .SYNOPSIS
    Show the relevant AWS API Operation for a given PowerShell command
 .DESCRIPTION
    This function comes handy when writing permissions for IAM roles.
    Because you need to know the actions (as-in API operations) that you want to allow in the IAM policy.
 .EXAMPLE
    Get-Command -Noun EC2Tag | Get-AmazonApiOperation

    # use the pipeline to show API operations
 .EXAMPLE
    $Sorter = {
      if ($_.Noun -eq 'EC2Volume') {1}  # <-- put all Get/Set/Edit/New/.. -EC2Volume commands on top
      else                         {2}  # <-- everything else comes later, ex Get-EC2VolumeStatus,Edit-EC2VolumeAttribute,etc
    }
    $Commands = Get-Command -Noun EC2Volume* -Module AWS.Tools.EC2 | Sort-Object -Property @{e=$Sorter}
    Get-AmazonApiOperation -Command $Commands

    # use the parameter, but have the commands sorted first in a custom way
 #>
 [cmdletbinding()]
 [OutputType([psobject])]
 param (
    [Parameter(Mandatory,Position=0,ValueFromPipeline)]
    [ValidateScript({$_.Source -like 'AWS.Tools.*'})]  # <-- make sure it's an AWS command
    [System.Management.Automation.CommandInfo[]]$Command
 )
 begin {}
 process {
    $FromPipe = $MyInvocation.ExpectingInput
    if ($FromPipe) {$CurrentItem = $_}
    else           {$CurrentItem = $Command}

    foreach ($cmd in $CurrentItem) {
        $Synopsis = (Get-Help -Name $cmd.Name).Synopsis
        $Regex    = [regex]::Match($Synopsis,'(\w+) API operation\.$')
        if ($Regex.Success) {$ApiOp = $Regex.Groups[1].Value}
        else                {$ApiOp = ''}
        [pscustomobject] @{    # <-- this is the output
            PSTypeName = 'Amazon.ApiOperation'
            Module     = $cmd.Source
            Command    = $cmd.Name
            API        = $ApiOp
            Output     = $cmd.OutputType.Name
        }
    }
 } #process
 end {}
 }
	function Get-AmazonApiOperation {
	<#
	.SYNOPSIS
	Show the relevant AWS API Operation for a given PowerShell command
	.DESCRIPTION
	This function comes handy when writing permissions for IAM roles.
	Because you need to know the actions (as-in API operations) that you want to allow in the IAM policy.
	.EXAMPLE
	Get-Command -Noun EC2Tag \| Get-AmazonApiOperation

	# use the pipeline to show API operations
	.EXAMPLE
	$Sorter = {
	if ($_.Noun -eq 'EC2Volume') {1} # <-- put all Get/Set/Edit/New/.. -EC2Volume commands on top
	else {2} # <-- everything else comes later, ex Get-EC2VolumeStatus,Edit-EC2VolumeAttribute,etc
	}
	$Commands = Get-Command -Noun EC2Volume* -Module AWS.Tools.EC2 \| Sort-Object -Property @{e=$Sorter}
	Get-AmazonApiOperation -Command $Commands

	# use the parameter, but have the commands sorted first in a custom way
	#>
	[cmdletbinding()]
	[OutputType([psobject])]
	param (
	[Parameter(Mandatory,Position=0,ValueFromPipeline)]
	[ValidateScript({$_.Source -like 'AWS.Tools.*'})] # <-- make sure it's an AWS command
	[System.Management.Automation.CommandInfo[]]$Command
	)
	begin {}
	process {
	$FromPipe = $MyInvocation.ExpectingInput
	if ($FromPipe) {$CurrentItem = $_}
	else {$CurrentItem = $Command}

	foreach ($cmd in $CurrentItem) {
	$Synopsis = (Get-Help -Name $cmd.Name).Synopsis
	$Regex = [regex]::Match($Synopsis,'(\w+) API operation\.$')
	if ($Regex.Success) {$ApiOp = $Regex.Groups[1].Value}
	else {$ApiOp = ''}
	[pscustomobject] @{ # <-- this is the output
	PSTypeName = 'Amazon.ApiOperation'
	Module = $cmd.Source
	Command = $cmd.Name
	API = $ApiOp
	Output = $cmd.OutputType.Name
	}
	}
	} #process
	end {}
	}