)
# Build the reply listing a role's stored policy versions. role_id and message
# are assigned before this fragment (not shown); both branches return a
# ResponderReturn, so nothing after this statement runs in the enclosing function.
if not role_id:
    # Falsy role_id: report failure and stop before any role data is read.
    return ResponderReturn(
        successful=False,
        # The role name and account are taken from the request message and
        # echoed back unchanged in the reply text.
        return_message="Unable to find role {} in account {}".format(
            message.role_name, message.account
        ),
    )
else:
    # Only the "Policies" field of the role record is requested.
    role_data = dynamo.get_role_data(dynamo_table, role_id, fields=["Policies"])
    return_val = "Restorable versions for role {} in account {}\n".format(
        message.role_name, message.account
    )
    # One output row per stored policy version, in list order.
    # NOTE(review): the printed index is the position in role_data["Policies"];
    # presumably it is the number an operator later uses to pick a version to
    # restore - confirm against the rollback command.
    for index, policy_version in enumerate(role_data["Policies"]):
        # Only the first element of the returned pair is used; its length is
        # shown as the permission count for this version.
        total_permissions, _ = roledata._get_permissions_in_policy(
            policy_version["Policy"]
        )
        # Columns: index, permission count, "Discovered" value, "Source" value.
        return_val += "({:>3}): {:<5} {:<15} {}\n".format(
            index,
            len(total_permissions),
            policy_version["Discovered"],
            policy_version["Source"],
        )
    return ResponderReturn(successful=True, return_message=return_val)
continuing = False
# Work out which permissions can be removed from the role and what its policies
# would look like afterwards. role, account_number, config, hooks, scheduled and
# errors come from the enclosing function (not shown in this fragment).
total_permissions, eligible_permissions = roledata._get_role_permissions(role)
# NOTE(review): role.no_repo_permissions and the AgeFilter minimum_age look like
# the guards that keep exempted or recently added permissions from being
# removed - confirm in roledata before relying on that.
repoable_permissions = roledata._get_repoable_permissions(
    account_number,
    role.role_name,
    eligible_permissions,
    role.aa_data,
    role.no_repo_permissions,
    config["filter_config"]["AgeFilter"]["minimum_age"],
    hooks,
)
# if this is a scheduled repo we need to filter out permissions that weren't previously scheduled
if scheduled:
    repoable_permissions = roledata._filter_scheduled_repoable_perms(
        repoable_permissions, role.scheduled_perms
    )
# The rewrite starts from the last entry of role.policies.
# NOTE(review): assumes role.policies is non-empty and that its last entry is
# the most recent stored version - confirm; an empty list would raise here.
repoed_policies, deleted_policy_names = roledata._get_repoed_policy(
    role.policies[-1]["Policy"], repoable_permissions
)
# If the rewritten inline policies are too large, record the problem instead of
# proceeding: the error is logged, appended to errors, and continuing is cleared.
if _inline_policies_size_exceeds_maximum(repoed_policies):
    # NOTE(review): this message formats the bare name role_name, while the call
    # above uses role.role_name - confirm both refer to the same role.
    error = (
        "Policies would exceed the AWS size limit after repo for role: {} in account {}.  "
        "Please manually minify.".format(role_name, account_number)
    )
    LOGGER.error(error)
    errors.append(error)
    continuing = False