Analyzing
See the example under https://github.com/salesforce/policy_sentry/blob/master/examples/library-usage/analysis/expand_actions_from_policy.py
analysis.expand
Functions to expand wilcard actions into a full list of actions.
determine_actions_to_expand(action_list)
Determine if an action needs to get expanded from its wildcard
Parameters:
Name | Type | Description | Default |
---|---|---|---|
action_list |
|
A list of actions |
required |
Returns:
Type | Description |
---|---|
List |
A list of actions |
expand(action)
expand the action wildcards into a full action
Parameters:
Name | Type | Description | Default |
---|---|---|---|
action |
|
An action in the form with a wildcard - like s3:Get, or s3:L |
required |
Returns:
Type | Description |
---|---|
List |
A list of all the expanded actions (like actions matching s3:Get*) |
get_expanded_policy(policy)
Given a policy, expand the * Actions in IAM policy files to improve readability
Parameters:
Name | Type | Description | Default |
---|---|---|---|
policy |
|
dictionary containing valid AWS IAM Policy |
required |
Returns:
Type | Description |
---|---|
Dictionary |
the policy that has the |