Analyzing

analysis.analyze

Functions to support the analyze capability in this tool.

policy_sentry.analysis.analyze.analyze_by_access_level(policy_json, access_level)

Determine if a policy has any actions with a given access level. This is particularly useful when determining who has ‘Permissions management’ level access.

Parameters:
  • policy_json – a dictionary representing the AWS JSON policy
  • access_level – The normalized access level - either ‘read’, ‘list’, ‘write’, ‘tagging’, or ‘permissions-management’

policy_sentry.analysis.analyze.analyze_statement_by_access_level(statement_json, access_level)

Determine if a statement has any actions with a given access level.

Parameters:
  • statement_json – a dictionary representing a statement from an AWS JSON policy
  • access_level – The access level - either ‘Read’, ‘List’, ‘Write’, ‘Tagging’, or ‘Permissions management’
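
The two signatures above spell the access level differently: the policy-level function takes the normalized form, the statement-level function the display form. The sketch below is an added example, not policy_sentry's code, that mirrors that split; the helper names, the action table and the sample policy are constructed stand-ins for the library's IAM database, and NotAction statements are assumed out of scope.

```python
from fnmatch import fnmatchcase
# Constructed sample table (action -> access level); a stand-in for a real IAM action database.
SAMPLE_ACTION_LEVELS = {
    "s3:GetObject": "Read", "s3:ListBucket": "List",
    "s3:PutObject": "Write", "s3:PutObjectTagging": "Tagging",
    "s3:PutBucketPolicy": "Permissions management",
    "iam:GetRole": "Read", "iam:AttachRolePolicy": "Permissions management",
}
# Normalized spelling (policy level) -> display spelling (statement level).
NORMALIZED_TO_DISPLAY = {
    "read": "Read", "list": "List", "write": "Write",
    "tagging": "Tagging", "permissions-management": "Permissions management",
}

def as_list(value):
    """IAM JSON allows a single string/object wherever a list is accepted."""
    if value is None:
        return []
    return [value] if isinstance(value, (str, dict)) else list(value)

def statement_actions_at_level(statement_json, access_level):
    """Hypothetical helper: actions an Allow statement grants at a display-form level."""
    if statement_json.get("Effect") != "Allow":
        return []  # Deny statements grant nothing; they are not evaluated here
    hits = set()
    for pattern in as_list(statement_json.get("Action")):
        for action, level in SAMPLE_ACTION_LEVELS.items():
            # Action names are case-insensitive; '*' and '?' are wildcards.
            if level == access_level and fnmatchcase(action.lower(), pattern.lower()):
                hits.add(action)
    return sorted(hits)

def policy_actions_at_level(policy_json, access_level):
    """Hypothetical helper: same check across a policy, normalized level name."""
    display = NORMALIZED_TO_DISPLAY[access_level]
    hits = set()
    for statement in as_list(policy_json.get("Statement")):
        hits.update(statement_actions_at_level(statement, display))
    return sorted(hits)

SAMPLE_POLICY = {  # constructed for this example
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:Get*", "s3:Put*"], "Resource": "*"},
        {"Effect": "Deny", "Action": "iam:*", "Resource": "*"},
        {"Effect": "Allow", "Action": "iam:attachrolepolicy", "Resource": "*"},
    ],
}
if __name__ == "__main__":
    print(policy_actions_at_level(SAMPLE_POLICY, "permissions-management"))
```

The wildcard `s3:Put*` is what surfaces `s3:PutBucketPolicy` here, which is why an access-level check has to expand patterns rather than compare action strings literally.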