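    def missing_resource_constraints_for_modify_actions(
            self, exclusions: Exclusions = DEFAULT_EXCLUSIONS) -> List[str]:
        """
        Determine whether or not any actions at the 'Write', 'Permissions management', or 'Tagging' access levels
        are allowed by the statement without resource constraints.

        Starts from ``self.missing_resource_constraints(exclusions)``, drops the 'Read'/'List'
        level actions via ``remove_read_level_actions``, and then adds back any action named in
        ``exclusions.include_actions`` whatever its access level (matched case-insensitively,
        as IAM action names are). Each action is reported at most once, in first-seen order.

        :param exclusions: Exclusions object; its ``include_actions`` are always reported when
            they appear without resource constraints.
        :return: de-duplicated list of action names.
        :raises TypeError: if ``exclusions`` is not an ``Exclusions`` instance.
        """
        if not isinstance(exclusions, Exclusions):
            # TypeError subclasses Exception, so callers catching Exception are unaffected.
            raise TypeError(  # pragma: no cover
                "The provided exclusions is not the Exclusions object type. "
                "Please use the Exclusions object.")
        # Lower-cased set for O(1) case-insensitive membership tests in the loop below.
        always_look_for_actions = {
            x.lower() for x in (exclusions.include_actions or [])
        }

        actions_missing_resource_constraints = self.missing_resource_constraints(
            exclusions)

        # Read/List actions the caller explicitly asked to keep (e.g. ones that could leak data).
        always_actions_found = [
            action for action in actions_missing_resource_constraints
            if action.lower() in always_look_for_actions
        ]
        modify_actions_found = remove_read_level_actions(
            actions_missing_resource_constraints)

        # dict.fromkeys de-duplicates while keeping first-seen order; list(set(...)) would
        # make the report order vary between runs under hash randomization.
        return list(dict.fromkeys([*modify_actions_found, *always_actions_found]))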
 def test_remove_read_level_actions(self):
     """A read-level action (ssm:GetParameters) is filtered out; the write-level one (ecr:PutImage) survives."""
     read_action = "ssm:GetParameters"
     write_action = "ecr:PutImage"
     filtered = remove_read_level_actions([read_action, write_action])
     self.assertListEqual(filtered, [write_action])
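    def missing_resource_constraints_for_modify_actions(
            self, always_look_for_actions=None):
        """
        Determine whether or not any actions at the 'Write', 'Permissions management', or 'Tagging' access levels
        are allowed by the statement without resource constraints.

        The result is ``remove_read_level_actions(self.missing_resource_constraints)`` followed by
        every action from ``self.missing_resource_constraints`` whose name is in
        ``always_look_for_actions`` (compared case-insensitively, as IAM action names are).
        Order is preserved and the list is not de-duplicated, so an action that is both
        modify-level and in ``always_look_for_actions`` appears twice.

        :param always_look_for_actions: A list of actions at the 'Read' or 'List' access level to always look for, even though they are not 'Modify' type actions. This is useful for adding actions that could contribute to data leaks.
        :return: list of action names missing resource constraints.
        """
        if always_look_for_actions is None:
            always_look_for_actions = []
        # Lower-case once, outside the loop; the original rebuilt this list for every action.
        wanted = {x.lower() for x in always_look_for_actions}
        # NOTE(review): accessed without calling, so presumably a property on self — confirm.
        actions_missing_resource_constraints = self.missing_resource_constraints

        always_actions_found = [
            action for action in actions_missing_resource_constraints
            if action.lower() in wanted
        ]
        modify_actions_missing_constraints = remove_read_level_actions(
            actions_missing_resource_constraints)
        return modify_actions_missing_constraints + always_actions_found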