def update_stats(dynamo_table, roles, source='Scan'): """ Create a new stats entry for each role in a set of roles and add it to Dynamo Args: roles (Roles): a list of all the role objects to update data for source (string): the source of the new stats data (repo, scan, etc) Returns: None """ for role in roles: new_stats = { 'Date': datetime.datetime.utcnow().isoformat(), 'DisqualifiedBy': role.disqualified_by, 'PermissionsCount': role.total_permissions, 'RepoablePermissionsCount': role.repoable_permissions, 'Source': source } try: cur_stats = role.stats[-1] except IndexError: cur_stats = { 'DisqualifiedBy': [], 'PermissionsCount': 0, 'RepoablePermissionsCount': 0 } for item in [ 'DisqualifiedBy', 'PermissionsCount', 'RepoablePermissionsCount' ]: if new_stats.get(item) != cur_stats.get(item): add_to_end_of_list(dynamo_table, role.role_id, 'Stats', new_stats)
def update_stats(dynamo_table, roles, source="Scan"): """ Create a new stats entry for each role in a set of roles and add it to Dynamo Args: roles (Roles): a list of all the role objects to update data for source (string): the source of the new stats data (repo, scan, etc) Returns: None """ for role in roles: new_stats = { "Date": datetime.datetime.utcnow().isoformat(), "DisqualifiedBy": role.disqualified_by, "PermissionsCount": role.total_permissions, "RepoablePermissionsCount": role.repoable_permissions, "Source": source, } try: cur_stats = role.stats[-1] except IndexError: cur_stats = { "DisqualifiedBy": [], "PermissionsCount": 0, "RepoablePermissionsCount": 0, } for item in [ "DisqualifiedBy", "PermissionsCount", "RepoablePermissionsCount" ]: if new_stats.get(item) != cur_stats.get(item): add_to_end_of_list(dynamo_table, role.role_id, "Stats", new_stats)
def add_new_managed_policy_version(dynamo_table, role, current_managed_policy, update_source): """ Create a new entry in the history of policy versions in Dynamo. The entry contains the source of the new policy: (scan, repo, or restore) the current time, and the current policy contents. Updates the role's policies with the full policies including the latest. Args: role (Role) current_managed_policy (dict) update_source (string): ['Repo', 'Scan', 'Restore'] Returns: None """ policy_entry = { "Source": update_source, "Discovered": datetime.datetime.utcnow().isoformat(), "Policy": current_managed_policy, } add_to_end_of_list(dynamo_table, role.role_id, "ManagedPolicies", policy_entry) role.managed_policies = get_role_data(dynamo_table, role.role_id, fields=["ManagedPolicies" ])["ManagedPolicies"]
def update_stats(dynamo_table, roles, source='Scan'): """ Create a new stats entry for each role in a set of roles and add it to Dynamo Args: roles (Roles): a list of all the role objects to update data for source (string): the source of the new stats data (repo, scan, etc) Returns: None """ for role in roles: new_stats = { 'Date': datetime.datetime.utcnow().isoformat(), 'DisqualifiedBy': role.disqualified_by, 'PermissionsCount': role.total_permissions, 'Source': source } cur_stats = get_role_data(dynamo_table, role.role_id, fields=['Stats'])['Stats'][-1] for item in ['DisqualifiedBy', 'PermissionsCount']: if new_stats[item] != cur_stats[item]: add_to_end_of_list(dynamo_table, role.role_id, 'Stats', new_stats)