def __init__(self, data, options): self.data = data self.options = options # We store all the policies passed in so we can refilter later self._all_policies = [] session = utils.get_profile_session(options) for p in self.data.get('policies', []): all_regions = session.get_available_regions(p['resource']) if 'all' in options.regions: options.regions = all_regions for region in options.regions: if region not in all_regions: # TODO - do we want a message continue options_copy = copy.copy(options) # TODO - why doesn't aws like unicode regions? options_copy.region = str(region) self._all_policies.append( Policy(p, options_copy, session_factory=self.test_session_factory())) # Do an initial filtering self.policies = [] resource_type = getattr(self.options, 'resource_type', None) policy_name = getattr(self.options, 'policy_filter', None) self.policies = self.filter(policy_name, resource_type)
def _default_account_id(options): if options.assume_role: try: options.account_id = options.assume_role.split(':')[4] return except IndexError: pass try: session = utils.get_profile_session(options) options.account_id = get_account_id_from_sts(session) except: options.account_id = None
def _default_region(options): marker = object() value = getattr(options, 'regions', marker) if value is marker: return if len(value) > 0: return try: options.regions = [utils.get_profile_session(options).region_name] except: log.warning('Could not determine default region') options.regions = [None] if options.regions[0] is None: log.error('No default region set. Specify a default via AWS_DEFAULT_REGION ' 'or setting a region in ~/.aws/config') sys.exit(1) log.debug("using default region:%s from boto" % options.regions[0])