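def query_arn_table(name, service, list_arn_types, fmt):
    """Query the ARN Table from the Policy Sentry database. Use this one when leveraging Policy Sentry as a library.

    The result is printed to stdout and also returned. Which query helper
    runs depends on ``name`` and ``list_arn_types``:

    * ``name is None`` and ``list_arn_types is False``: the raw ARN formats
      of ``service`` (``get_raw_arns_for_service``).
    * ``name is None`` and ``list_arn_types`` truthy: the ARN types of
      ``service`` (``get_arn_types_for_service``).
    * anything else: the details of ARN type ``name``
      (``get_arn_type_details``).

    Args:
        name: Short name of an ARN type, or None to query the whole service.
        service: Service identifier handed to the query helpers.
        list_arn_types: Selects between the raw-ARN and ARN-type listings
            when ``name`` is None.
        fmt: ``"yaml"`` prints YAML. Any other value prints one raw ARN per
            line, or indented JSON for the other two queries.

    Returns:
        Whatever the selected query helper returned.
    """
    # This function only reports which IAM definition is present; it does
    # not choose one itself.
    # NOTE(review): presumably the query helpers read the local file whenever
    # it exists - confirm. If so, a stale or modified local copy changes every
    # answer returned here, so keep this INFO line visible in automation logs.
    if os.path.exists(LOCAL_DATASTORE_FILE_PATH):
        logger.info(
            f"Using the Local IAM definition: {LOCAL_DATASTORE_FILE_PATH}. To leverage the bundled definition instead, remove the folder $HOME/.policy_sentry/"
        )
    else:
        # Otherwise, leverage the datastore inside the python package
        logger.debug("Leveraging the bundled IAM Definition.")

    as_yaml = fmt == "yaml"

    # NOTE(review): the first test is `is False`, so a falsy value that is not
    # False (e.g. None) together with name=None reaches the last branch and
    # calls get_arn_type_details(service, None) - confirm callers pass a bool.
    if name is None and list_arn_types is False:
        # Get a list of all RAW ARN formats available through the service.
        output = get_raw_arns_for_service(service)
        if as_yaml:
            print(yaml.dump(output))
        else:
            # Plain statements instead of a throwaway list built for its
            # side effects.
            for item in output:
                print(item)
    elif name is None and list_arn_types:
        # Get a list of all the ARN types per service, paired with the RAW ARNs
        output = get_arn_types_for_service(service)
        if as_yaml:
            print(yaml.dump(output))
        else:
            print(json.dumps(output, indent=4))
    else:
        # Get the raw ARN format for the `cloud9` service with the short name
        # `environment`
        output = get_arn_type_details(service, name)
        if as_yaml:
            print(yaml.dump(output))
        else:
            print(json.dumps(output, indent=4))
    return output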
def test_get_arn_type_details(self):
    """querying.arns.get_arn_type_details: Tests function that grabs details about a specific ARN name

    Looks up the ``environment`` ARN type of the ``cloud9`` service through
    the ``db_session`` defined outside this method and compares the whole
    returned mapping, including ``condition_keys`` being None, with the
    expected one.
    """
    actual = get_arn_type_details(db_session, "cloud9", "environment")
    expected = {
        "resource_type_name": "environment",
        "raw_arn": "arn:${Partition}:cloud9:${Region}:${Account}:environment:${ResourceId}",
        "condition_keys": None,
    }
    self.assertEqual(expected, actual)
def test_get_arn_type_details(self):
    """querying.arns.get_arn_type_details: Tests function that grabs details about a specific ARN name

    Looks up the ``environment`` ARN type of the ``cloud9`` service and
    compares the whole returned mapping with the expected one, so the raw
    ARN template and the list of condition keys are both pinned.
    """
    actual = get_arn_type_details("cloud9", "environment")
    self.assertEqual(
        actual,
        {
            "resource_type_name": "environment",
            "raw_arn": "arn:${Partition}:cloud9:${Region}:${Account}:environment:${ResourceId}",
            "condition_keys": ["aws:ResourceTag/${TagKey}"],
        },
    )
def arn_table(name, service, list_arn_types):
    """Query the ARN Table from the Policy Sentry database

    Opens a session on ``DATABASE_FILE_PATH`` and prints one of three views
    to stdout; nothing is returned.

    * ``name is None`` and ``list_arn_types is False``: every raw ARN format
      of ``service``, one per line.
    * ``name is None`` and ``list_arn_types`` truthy: the ARN types of
      ``service`` as indented JSON.
    * anything else: the details of ARN type ``name`` as indented JSON.
    """
    session = connect_db(DATABASE_FILE_PATH)

    if name is None:
        if list_arn_types is False:
            # All RAW ARN formats available through the service.
            for raw_arn in get_raw_arns_for_service(session, service):
                print(raw_arn)
            return
        if list_arn_types:
            # All ARN types of the service, paired with the RAW ARNs.
            arn_types = get_arn_types_for_service(session, service)
            print(json.dumps(arn_types, indent=4))
            return

    # Details of a single ARN type, e.g. the `cloud9` service with the short
    # name `environment`. A falsy list_arn_types that is not False also ends
    # up here, exactly as in the if/elif/else form.
    details = get_arn_type_details(session, service, name)
    print(json.dumps(details, indent=4))
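def query_arn_table(name, service, list_arn_types, fmt):
    """Query the ARN Table from the Policy Sentry database. Use this one when leveraging Policy Sentry as a library.

    The result is printed to stdout and also returned. Which query helper
    runs depends on ``name`` and ``list_arn_types``:

    * ``name is None`` and ``list_arn_types is False``: the raw ARN formats
      of ``service`` (``get_raw_arns_for_service``).
    * ``name is None`` and ``list_arn_types`` truthy: the ARN types of
      ``service`` (``get_arn_types_for_service``).
    * anything else: the details of ARN type ``name``
      (``get_arn_type_details``).

    Args:
        name: Short name of an ARN type, or None to query the whole service.
        service: Service identifier handed to the query helpers.
        list_arn_types: Selects between the raw-ARN and ARN-type listings
            when ``name`` is None.
        fmt: ``"yaml"`` prints YAML. Any other value prints one raw ARN per
            line, or indented JSON for the other two queries.

    Returns:
        Whatever the selected query helper returned.
    """
    as_yaml = fmt == "yaml"

    # NOTE(review): the first test is `is False`, so a falsy value that is not
    # False (e.g. None) together with name=None reaches the last branch and
    # calls get_arn_type_details(service, None) - confirm callers pass a bool.
    if name is None and list_arn_types is False:
        # Get a list of all RAW ARN formats available through the service.
        output = get_raw_arns_for_service(service)
        if as_yaml:
            print(yaml.dump(output))
        else:
            # Plain statements instead of a throwaway list built for its
            # side effects.
            for item in output:
                print(item)
    elif name is None and list_arn_types:
        # Get a list of all the ARN types per service, paired with the RAW ARNs
        output = get_arn_types_for_service(service)
        if as_yaml:
            print(yaml.dump(output))
        else:
            print(json.dumps(output, indent=4))
    else:
        # Get the raw ARN format for the `cloud9` service with the short name
        # `environment`
        output = get_arn_type_details(service, name)
        if as_yaml:
            print(yaml.dump(output))
        else:
            print(json.dumps(output, indent=4))
    return output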
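#!/usr/bin/env python
# Example: look up the details of one ARN type (service `cloud9`, resource
# type `environment`) and print them as indented JSON.
import json

from policy_sentry.querying.arns import get_arn_type_details

if __name__ == '__main__':
    output = get_arn_type_details("cloud9", "environment")
    print(json.dumps(output, indent=4))

# Sample output follows. json.dumps writes a Python None as `null`, so that is
# what appears on stdout. `raw_arn` is the ARN template with its ${...}
# placeholders left in place.
# NOTE(review): the values come from the IAM definition in use, so
# `condition_keys` may not be empty on current data - confirm before copying.
"""
Output:

{
    "resource_type_name": "environment",
    "raw_arn": "arn:${Partition}:cloud9:${Region}:${Account}:environment:${ResourceId}",
    "condition_keys": null
}
"""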
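#!/usr/bin/env python
# Example: open a database session, look up the details of one ARN type
# (service `cloud9`, resource type `environment`) and print them as indented
# JSON.
import json

from policy_sentry.querying.arns import get_arn_type_details
from policy_sentry.shared.database import connect_db

if __name__ == '__main__':
    # NOTE(review): 'bundled' presumably selects the database shipped inside
    # the package rather than a local copy - confirm against connect_db.
    db_session = connect_db('bundled')
    output = get_arn_type_details(db_session, "cloud9", "environment")
    print(json.dumps(output, indent=4))

# Sample output follows. json.dumps writes a Python None as `null`, so that is
# what appears on stdout. `raw_arn` is the ARN template with its ${...}
# placeholders left in place.
# NOTE(review): the values come from the database in use, so `condition_keys`
# may not be empty on current data - confirm before copying.
"""
Output:

{
    "resource_type_name": "environment",
    "raw_arn": "arn:${Partition}:cloud9:${Region}:${Account}:environment:${ResourceId}",
    "condition_keys": null
}
"""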