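def main():
    """Parse the Repokid command line and dispatch to the chosen sub-command.

    The ``config`` sub-command writes a default configuration file and exits
    with status 0. Every other sub-command shown here shares the same setup:
    resolve the configuration, load the hooks, obtain the DynamoDB table,
    then hand off to the matching handler.

    Returns:
        Whatever the selected handler returns. If none of the sub-commands
        handled in this listing was selected, the function falls through and
        returns None.
    """
    args = docopt(__doc__, version="Repokid {version}".format(version=__version__))

    # docopt stores positional arguments under their usage-string placeholder,
    # angle brackets included. An empty-string key never matches anything, so
    # every positional value would silently be None.
    # NOTE(review): the placeholder names below must match the module's usage
    # docstring (__doc__), which is outside this view; confirm.
    if args.get("config"):
        config_filename = args.get("<config_filename>")
        _generate_default_config(filename=config_filename)
        sys.exit(0)

    account_number = args.get("<account_number>")

    # Fall back to a freshly generated default when no configuration was loaded.
    config = CONFIG if CONFIG else _generate_default_config()

    LOGGER.debug("Repokid cli called with args {}".format(args))

    # NOTE(review): hook module paths are read from the configuration file and
    # _get_hooks presumably imports them. If so, write access to the config is
    # equivalent to code execution in this process; keep the file writable only
    # by trusted operators. Confirm against _get_hooks.
    hooks = _get_hooks(config.get("hooks", ["repokid.hooks.loggers"]))
    # The "dynamo_db" section is passed through verbatim as keyword arguments;
    # a missing section raises KeyError here.
    dynamo_table = dynamo_get_or_create_table(**config["dynamo_db"])

    if args.get("update_role_cache"):
        return update_role_cache(account_number, dynamo_table, config, hooks)

    if args.get("display_role_cache"):
        inactive = args.get("--inactive")
        return display_roles(account_number, dynamo_table, inactive=inactive)

    if args.get("find_roles_with_permissions"):
        permissions = args.get("<permission>")
        output_file = args.get("--output")
        return find_roles_with_permissions(permissions, dynamo_table, output_file)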
def log_after_repo_hooks(input_dict):
    """Log the AFTER_REPO hook invocation and validate its payload.

    Args:
        input_dict: Hook payload; it must contain the key "role".

    Returns:
        ``input_dict`` itself, unmodified.

    Raises:
        hooks.MissingHookParamaeter: If "role" is absent from the payload.
    """
    LOGGER.debug("Calling AFTER_REPO hooks")
    if "role" in input_dict:
        return input_dict
    # The exception name is spelled exactly as it is referenced in this file.
    raise hooks.MissingHookParamaeter("Required key 'role' not passed to AFTER_REPO")
def log_during_repoable_calculation_hooks(input_dict):
    """Log the DURING_REPOABLE_CALCULATION hook invocation and validate its payload.

    Args:
        input_dict: Hook payload; it must contain "account_number",
            "role_name", "potentially_repoable_permissions" and "minimum_age".

    Returns:
        ``input_dict`` itself, unmodified.

    Raises:
        hooks.MissingHookParamaeter: If any required key is absent.
    """
    LOGGER.debug("Calling DURING_REPOABLE_CALCULATION hooks")
    required_keys = (
        "account_number",
        "role_name",
        "potentially_repoable_permissions",
        "minimum_age",
    )
    # Reject the payload as soon as one required key turns out to be missing.
    if any(key not in input_dict for key in required_keys):
        raise hooks.MissingHookParamaeter(
            "Did not get all required parameters for DURING_REPOABLE_CALCULATION hook"
        )
    return input_dict
"Calculating repoable permissions and services for account {}".format(
account_number
)
)
# Excerpt from the body of a larger routine; its header and the definitions of
# roles, config, hooks, account_number and dynamo_table are not visible here.

# Batch querying is opt-in: disabled unless the configuration enables it, with
# a batch size of 100 when none is configured.
batch_processing = config.get("query_role_data_in_batch", False)
batch_size = config.get("batch_processing_size", 100)
# The minimum age is read by direct indexing, so a configuration without
# filter_config -> AgeFilter -> minimum_age raises KeyError here.
# NOTE(review): presumably this call fills in the repoable_permissions and
# repoable_services attributes read below; confirm in roledata.
roledata._calculate_repo_scores(
    roles,
    config["filter_config"]["AgeFilter"]["minimum_age"],
    hooks,
    batch_processing,
    batch_size,
)
for role in roles:
    # Record, at debug level, what was judged repoable for each role.
    LOGGER.debug(
        "Role {} in account {} has\nrepoable permissions: {}\nrepoable services: {}".format(
            role.role_name,
            account_number,
            role.repoable_permissions,
            role.repoable_services,
        )
    )
    # Store the per-role totals under the role's id in the DynamoDB table.
    set_role_data(
        dynamo_table,
        role.role_id,
        {
            "TotalPermissions": role.total_permissions,
            "RepoablePermissions": role.repoable_permissions,
            "RepoableServices": role.repoable_services,
        },
    )
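def log_before_repo_roles(input_dict):
    """Log the BEFORE_REPO_ROLES hook invocation and validate its payload.

    Args:
        input_dict: Hook payload; it must contain "account_number" and "roles".

    Returns:
        ``input_dict`` itself, unmodified.

    Raises:
        hooks.MissingHookParamaeter: If either required key is absent.
    """
    # Name the hook that is actually running. The message previously said
    # DURING_REPOABLE_CALCULATION, which made the debug trail attribute this
    # call to a different hook stage.
    LOGGER.debug("Calling BEFORE_REPO_ROLES hooks")
    if not all(required in input_dict for required in ["account_number", "roles"]):
        raise hooks.MissingHookParamaeter(
            "Did not get all required parameters for BEFORE_REPO_ROLES hook"
        )
    return input_dict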
for permission_name, permission_value in list(
output["potentially_repoable_permissions"].items()
)
if permission_value.repoable
]
)
repoable_set_dict[role_arn] = repoable_set
repoable_log_dict[role_arn] = "".join(
"{}: {}\n".format(perm, decision.decider)
for perm, decision in list(
output["potentially_repoable_permissions"].items()
)
)
for role in repo_able_roles:
LOGGER.debug(
"Repoable permissions for role {role_name} in {account_number}:\n{repoable}".format(
role_name=role.role_name,
account_number=role.account,
repoable=repoable_log_dict[role.arn],
)
)
return repoable_set_dict
def check_and_log_after_schedule_repo_hooks(input_dict):
    """Log the AFTER_SCHEDULE_REPO hook invocation and require a 'roles' key.

    Raises:
        hooks.MissingHookParamaeter: If 'roles' is not in ``input_dict``.
    """
    LOGGER.debug("Calling AFTER_SCHEDULE_REPO hooks")
    if 'roles' not in input_dict:
        # NOTE(review): the listing stops at this line. The raise carries no
        # message and no return statement is visible, unlike the other hook
        # loggers in this file, so the excerpt looks truncated; confirm
        # against the full file.
        raise hooks.MissingHookParamaeter
no_repo_permissions,
minimum_age,
)
# Excerpt from the body of a larger routine; its header is not visible here.

# Run the DURING_REPOABLE_CALCULATION hooks with the four keys that
# log_during_repoable_calculation_hooks requires in its payload.
hooks_output = repokid.hooks.call_hooks(
hooks,
"DURING_REPOABLE_CALCULATION",
{
"account_number": account_number,
"role_name": role_name,
"potentially_repoable_permissions": potentially_repoable_permissions,
"minimum_age": minimum_age,
},
)
# From here on the permission mapping is taken from the hooks' output, not from
# the local variable, so whatever the hooks return is what gets logged and used.
# NOTE(review): this means a configured hook can change which permissions are
# treated as repoable; review hook modules with the same care as this code.
# Each logged line pairs a permission with the decider recorded on its decision.
LOGGER.debug(
"Repoable permissions for role {role_name} in {account_number}:\n{repoable}".format(
role_name=role_name,
account_number=account_number,
repoable="".join(
"{}: {}\n".format(perm, decision.decider)
for perm, decision in list(
hooks_output["potentially_repoable_permissions"].items()
)
),
)
)
return set(
[
permission_name
for permission_name, permission_value in list(