def test_get_condition_key_details(self):
"""querying.conditions.get_condition_key_details"""
desired_output = {
"name": "cloud9:Permissions",
"description": "Filters access by the type of AWS Cloud9 permissions",
"condition_value_type": "string",
}
output = get_condition_key_details("cloud9", "cloud9:Permissions")
self.assertEqual(desired_output, output)
def test_get_condition_key_details(self):
"""test_get_condition_key_details: Tests function that grabs details about a specific condition key"""
desired_output = {
"name": "cloud9:Permissions",
"description":
"Filters access by the type of AWS Cloud9 permissions",
"condition_value_type": "string"
}
output = get_condition_key_details(db_session, "cloud9",
"cloud9:Permissions")
self.assertEquals(desired_output, output)
def condition_table(name, service):
"""Query the condition keys table from the Policy Sentry database"""
db_session = connect_db(DATABASE_FILE_PATH)
# Get a list of all condition keys available to the service
if name is None:
condition_results = get_condition_keys_for_service(db_session, service)
for item in condition_results:
print(item)
# Get details on the specific condition key
else:
output = get_condition_key_details(db_session, service, name)
print(json.dumps(output, indent=4))
def query_condition_table(name, service, fmt="json"):
"""Query the condition table from the Policy Sentry database. Use this one when leveraging Policy Sentry as a library."""
# Get a list of all condition keys available to the service
if name is None:
output = get_condition_keys_for_service(service)
print(yaml.dump(output)) if fmt == "yaml" else [
print(item) for item in output
]
# Get details on the specific condition key
else:
output = get_condition_key_details(service, name)
print(yaml.dump(output)) if fmt == "yaml" else [
print(json.dumps(output, indent=4))
]
return output
def condition_table(name, service, fmt, log_level):
"""Query the condition keys table from the Policy Sentry database"""
set_log_level(logger, log_level)
db_session = connect_db(DATABASE_FILE_PATH)
# Get a list of all condition keys available to the service
if name is None:
results = get_condition_keys_for_service(db_session, service)
print(yaml.dump(results)) if fmt == "yaml" else [
print(item) for item in results
]
# Get details on the specific condition key
else:
output = get_condition_key_details(db_session, service, name)
print(yaml.dump(output)) if fmt == "yaml" else [
print(json.dumps(output, indent=4))
]
def query_condition_table(name, service, fmt="json"):
"""Query the condition table from the Policy Sentry database.
Use this one when leveraging Policy Sentry as a library."""
if os.path.exists(LOCAL_DATASTORE_FILE_PATH):
logger.info(
f"Using the Local IAM definition: {LOCAL_DATASTORE_FILE_PATH}. To leverage the bundled definition instead, remove the folder $HOME/.policy_sentry/"
)
else:
# Otherwise, leverage the datastore inside the python package
logger.debug("Leveraging the bundled IAM Definition.")
# Get a list of all condition keys available to the service
if name is None:
output = get_condition_keys_for_service(service)
print_list(output=output, fmt=fmt)
# Get details on the specific condition key
else:
output = get_condition_key_details(service, name)
print_dict(output=output, fmt=fmt)
return output
#!/usr/bin/env python
from policy_sentry.shared.database import connect_db
from policy_sentry.querying.conditions import get_condition_key_details
import json
if __name__ == '__main__':
db_session = connect_db('bundled')
output = get_condition_key_details(db_session, "cloud9",
"cloud9:Permissions")
print(json.dumps(output, indent=4))
"""
Output:
{
"name": "cloud9:Permissions",
"description": "Filters access by the type of AWS Cloud9 permissions",
"condition_value_type": "string"
}
"""