def get_all_roles(**conn): """ Returns a List of Roles represented as the dictionary below: { "Arn": ..., "AssumeRolePolicyDocument": ..., "CreateDate": ..., # str "InlinePolicies": ..., "InstanceProfiles": ..., "ManagedPolicies": ..., "Path": ..., "RoleId": ..., "RoleName": ..., } :param conn: dict containing enough information to make a connection to the desired account. :return: list containing dicts or fully built out roles """ roles = [] account_roles = get_account_authorization_details('Role', **conn) for role in account_roles: roles.append({ 'Arn': role['Arn'], 'AssumeRolePolicyDocument': role['AssumeRolePolicyDocument'], 'CreateDate': get_iso_string(role['CreateDate']), 'InlinePolicies': role['RolePolicyList'], 'InstanceProfiles': [{ 'path': ip['Path'], 'instance_profile_name': ip['InstanceProfileName'], 'create_date': get_iso_string(ip['CreateDate']), 'instance_profile_id': ip['InstanceProfileId'], 'arn': ip['Arn'] } for ip in role['InstanceProfileList']], 'ManagedPolicies': [{ "name": x['PolicyName'], "arn": x['PolicyArn'] } for x in role['AttachedManagedPolicies']], 'Path': role['Path'], 'RoleId': role['RoleId'], 'RoleName': role['RoleName'] }) return roles
def _get_base(role, **conn): """ Determine whether the boto get_role call needs to be made or if we already have all that data in the role object. :param role: dict containing (at the very least) role_name and/or arn. :param conn: dict containing enough information to make a connection to the desired account. :return: Camelized dict describing role containing all all base_fields. """ base_fields = frozenset([ 'Arn', 'AssumeRolePolicyDocument', 'Path', 'RoleId', 'RoleName', 'CreateDate' ]) needs_base = False for field in base_fields: if field not in role: needs_base = True break if needs_base: role_name = _get_name_from_structure(role, 'RoleName') role = CloudAux.go('iam.client.get_role', RoleName=role_name, **conn) role = role['Role'] # cast CreateDate from a datetime to something JSON serializable. role.update(dict(CreateDate=get_iso_string(role['CreateDate']))) role['_version'] = 3 return role
def _get_base(server_certificate, **conn): """Fetch the base IAM Server Certificate.""" server_certificate['_version'] = 1 # Get the initial cert details: cert_details = get_server_certificate_api(server_certificate['ServerCertificateName'], **conn) if cert_details: server_certificate.update(cert_details['ServerCertificateMetadata']) server_certificate['CertificateBody'] = cert_details['CertificateBody'] server_certificate['CertificateChain'] = cert_details.get('CertificateChain', None) # Cast dates from a datetime to something JSON serializable. server_certificate['UploadDate'] = get_iso_string(server_certificate['UploadDate']) server_certificate['Expiration'] = get_iso_string(server_certificate['Expiration']) return server_certificate
def get_all_users(flags=FLAGS.ACCESS_KEYS | FLAGS.MFA_DEVICES | FLAGS.LOGIN_PROFILE | FLAGS.SIGNING_CERTIFICATES, **conn): """ Returns a list of Users represented as dictionary below: { "Arn": ..., "AccessKeys": ..., "CreateDate": ..., # str "InlinePolicies": ..., "ManagedPolicies": ..., "MFADevices": ..., "Path": ..., "UserId": ..., "UserName": ..., "SigningCerts": ... } :param flags: :param conn: dict containing enough information to make a connection to the desired account. :return: list of dicts containing fully built out user. """ users = [] account_users = get_account_authorization_details('User', **conn) for user in account_users: temp_user = { 'Arn': user['Arn'], 'CreateDate': get_iso_string(user['CreateDate']), 'GroupList': user['GroupList'], 'InlinePolicies': user['UserPolicyList'], 'ManagedPolicies': [{ "name": x['PolicyName'], "arn": x['PolicyArn'] } for x in user['AttachedManagedPolicies']], 'Path': user['Path'], 'UserId': user['UserId'], 'UserName': user['UserName'] } user = modify(temp_user, output='camelized') _conn_from_args(user, conn) users.append( registry.build_out(flags, start_with=user, pass_datastructure=True, **conn)) return users
def get_lifecycle(bucket_name, **conn): try: result = get_bucket_lifecycle_configuration(Bucket=bucket_name, **conn) except ClientError as e: if 'NoSuchLifecycleConfiguration' not in str(e): raise e return [] for rule in result['Rules']: # Save all dates as a Proper ISO 8601 String: for transition in rule.get('Transitions', []): if 'Date' in transition: transition['Date'] = get_iso_string(transition["Date"]) if rule.get("Expiration"): if 'Date' in rule["Expiration"]: rule["Expiration"]["Date"] = get_iso_string( rule["Expiration"]["Date"]) return result['Rules']
def _get_base(group, **conn): """Fetch the base IAM Group.""" group['_version'] = 1 # Get the initial group details (only needed if we didn't grab the users): group.update( get_group_api(group['GroupName'], users=False, **conn)['Group']) # Cast CreateDate from a datetime to something JSON serializable. group['CreateDate'] = get_iso_string(group['CreateDate']) return group
def _get_base(user, **conn): base_fields = frozenset( ['Arn', 'CreateDate', 'Path', 'UserId', 'UserName']) needs_base = False for field in base_fields: if field not in user: needs_base = True break if needs_base: user_name = _get_name_from_structure(user, 'UserName') user = CloudAux.go('iam.client.get_user', UserName=user_name, **conn) user = user['User'] # cast CreateDate from a datetime to something JSON serializable. user.update(dict(CreateDate=get_iso_string(user['CreateDate']))) if 'PasswordLastUsed' in user: user.update( dict(PasswordLastUsed=get_iso_string(user['PasswordLastUsed']))) user['_version'] = 2 return user
def get_base(managed_policy, **conn): """Fetch the base Managed Policy. This includes the base policy and the latest version document. :param managed_policy: :param conn: :return: """ managed_policy['_version'] = 1 arn = _get_name_from_structure(managed_policy, 'Arn') policy = get_policy(arn, **conn) document = get_managed_policy_document(arn, policy_metadata=policy, **conn) managed_policy.update(policy['Policy']) managed_policy['Document'] = document # Fix the dates: managed_policy['CreateDate'] = get_iso_string(managed_policy['CreateDate']) managed_policy['UpdateDate'] = get_iso_string(managed_policy['UpdateDate']) return managed_policy
def get_role_instance_profiles(role, client=None, **kwargs): marker = {} instance_profiles = [] while True: response = client.list_instance_profiles_for_role( RoleName=role['RoleName'], **marker) instance_profiles.extend(response['InstanceProfiles']) if response['IsTruncated']: marker['Marker'] = response['Marker'] else: break return [{ 'Path': ip['Path'], 'InstanceProfileName': ip['InstanceProfileName'], 'CreateDate': get_iso_string(ip['CreateDate']), 'InstanceProfileId': ip['InstanceProfileId'], 'Arn': ip['Arn'] } for ip in instance_profiles]
def get_bucket_created(bucket_name, **conn): bucket = get_bucket_resource(bucket_name, **conn) # Return the creation date as a Proper ISO 8601 String: return get_iso_string(bucket.creation_date)
def _json_encode_timestamps(self, field: datetime) -> str: """Solve those pesky timestamps and JSON annoyances.""" if isinstance(field, datetime): return get_iso_string(field)