Python get_repoed_policyの例

プログラミング言語: Python

名前空間/パッケージ名: repokid.utils.permissions

メソッド/関数: get_repoed_policy

hotexamples.comのコード掲載数: 2

Python get_repoed_policy - 2件のコード例が見つかりました。すべてオープンソースプロジェクトから抽出されたPythonのrepokid.utils.permissions.get_repoed_policyの実例で、最も評価が高いものを厳選しています。コード例の評価を行っていただくことで、より質の高いコード例が表示されるようになります。

コード例 #1

ファイルを表示

    def get_repoed_policy(self,
                          scheduled: bool = False
                          ) -> Tuple[Dict[str, Any], List[str]]:
        if not self.repoable_services:
            raise MissingRepoableServices("role must be updated")
        if scheduled:
            permissions, services = get_services_and_permissions_from_repoable(
                self.scheduled_perms)
            repoable = [
                p for p in self.repoable_services
                if p in self.scheduled_perms or p.split(":")[0] in services
            ]
        else:
            repoable = self.repoable_services

        repoed_policies, deleted_policy_names = get_repoed_policy(
            self.policies[-1]["Policy"], set(repoable))
        return repoed_policies, deleted_policy_names

コード例 #2

ファイルを表示

    def remove_permissions(self,
                           permissions: List[str],
                           hooks: RepokidHooks,
                           commit: bool = False) -> None:
        """Remove the list of permissions from the provided role.

        Args:
            account_number (string)
            permissions (list<string>)
            role (Role object)
            role_id (string)
            commit (bool)

        Returns:
            None
        """
        (
            repoed_policies,
            deleted_policy_names,
        ) = get_repoed_policy(self.policies[-1]["Policy"], set(permissions))

        if inline_policies_size_exceeds_maximum(repoed_policies):
            logger.error(
                "Policies would exceed the AWS size limit after repo for role: {} in account {}.  "
                "Please manually minify.".format(self.role_name, self.account))
            return

        if not commit:
            log_deleted_and_repoed_policies(deleted_policy_names,
                                            repoed_policies, self.role_name,
                                            self.account)
            return

        conn = self.config["connection_iam"]  # type: ignore
        conn["account_number"] = self.account

        for name in deleted_policy_names:
            try:
                delete_policy(name, self.role_name, self.account, conn)
            except IAMError as e:
                logger.error(e)

        if repoed_policies:
            try:
                replace_policies(repoed_policies, self.role_name, self.account,
                                 conn)
            except IAMError as e:
                logger.error(e)

        current_policies = get_role_inline_policies(self.dict(), **conn) or {}
        self.add_policy_version(current_policies, "Repo")

        self.repoed = datetime.datetime.now(
            tz=datetime.timezone.utc).isoformat()
        update_repoed_description(self.role_name, conn)
        self.gather_role_data(
            hooks,
            current_policies=current_policies,
            source="ManualPermissionRepo",
            add_no_repo=False,
        )
        logger.info(
            "Successfully removed {permissions} from role: {role} in account {account_number}"
            .format(
                permissions=permissions,
                role=self.role_name,
                account_number=self.account,
            ))