Exemplo n.º 1
    def get_matched_policies_with_attached_policy_info(self, policies,
                                                       attached_policies):
        """Resolve attached-policy entries to full policy records.

        Each entry of ``attached_policies`` is looked up by its ``PolicyArn``
        among ``policies`` (compared against their ``arn`` value). An ARN with
        no match is fetched through the ``list_policy_*`` helpers, labelled
        ``'AWS Managed'`` and appended to ``policies`` too, so the caller's
        list is mutated.

        Args:
            policies: Already collected policy records; extended in place.
            attached_policies: Mappings that carry a ``PolicyArn`` key.

        Returns:
            list: Resolved records, in the order of ``attached_policies``.
        """
        # An entry without 'PolicyArn' yields '' and is looked up like any
        # other ARN.
        wanted_arns = [entry.get('PolicyArn', '') for entry in attached_policies]

        resolved = []
        for arn in wanted_arns:
            hits = [known for known in policies if known.get('arn', '') == arn]
            if hits:
                resolved.extend(hits)
                continue

            # Not collected yet: pull the policy and its details on demand.
            details = self.list_policy_info(arn)
            summary = self.list_policy_summary(
                arn, details.get('DefaultVersionId'))
            usage = self.list_policy_usage(arn)
            versions = self.list_policy_versions(arn)

            # NOTE(review): every unmatched ARN is labelled 'AWS Managed'
            # without inspecting the ARN. If a customer-managed policy is
            # missing from `policies` (e.g. its collection failed earlier),
            # it would be reported with the wrong type -- confirm against
            # the caller.
            details.update({
                'policy_usage': usage,
                'permission': summary,
                'permission_versions': versions,
                'policy_type': 'AWS Managed',
            })

            # Two separate Policy objects are built: one cached in the
            # caller's list, one returned.
            policies.append(Policy(details, strict=False))
            resolved.append(Policy(details, strict=False))

        return resolved
    def list_local_managed_policies(self, **query):
        """Collect the policies returned by a 'Scope'/'Local' ``list_policies`` query.

        Every policy dict from the paginator is enriched in place with its
        description, usage, permission summary and versions, tagged
        ``'Custom Managed'`` and wrapped in ``Policy``. A failure on one
        policy is recorded and the loop moves on, so a single bad policy does
        not abort the whole inventory.

        Args:
            **query: Extra arguments forwarded to ``_generate_key_query``.

        Returns:
            tuple: ``(policies, errors)``, where ``errors`` holds one
            ``generate_error`` result per policy that failed.
        """
        self.cloud_service_type = 'Policy'

        collected, failures = [], []

        paginator = self.client.get_paginator('list_policies')
        query = self._generate_key_query('Scope', 'Local', '', is_paginate=True, **query)

        for page in paginator.paginate(**query):
            for policy in page.get('Policies', []):
                try:
                    arn = policy.get('Arn')
                    description = self.list_policy_description(arn)

                    # NOTE(review): the rebuilt `query` is not passed to any
                    # call below; it only feeds the next iteration's rebuild.
                    # Kept because _generate_key_query is not visible here.
                    query = self._generate_key_query('PolicyArn', arn, 'Scope', is_paginate=True, **query)

                    summary = self.list_policy_summary(arn, policy.get('DefaultVersionId'))
                    usage = self.list_policy_usage(arn)
                    versions = self.list_policy_versions(arn)

                    policy.update({
                        'description': description,
                        'policy_usage': usage,
                        'permission': summary,
                        'permission_versions': versions,
                        'policy_type': 'Custom Managed',
                    })
                    collected.append(Policy(policy, strict=False))
                except Exception as e:
                    # Best effort: keep the failure, keyed by ARN, so the
                    # gap in the inventory stays visible to the caller.
                    failures.append(
                        self.generate_error('global', policy.get('Arn', ''), e))

        return collected, failures
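    def list_local_managed_policies(self, **query):
        """Collect the policies returned by a 'Scope'/'Local' ``list_policies`` query.

        Every policy dict from the paginator is enriched in place with its
        description, usage, permission summary and versions, tagged
        ``'Custom Managed'`` and wrapped in ``Policy``.

        Only the ``Policy`` construction is guarded: a policy that fails
        there is skipped, while an exception from any of the lookup helpers
        propagates and ends the listing.

        Args:
            **query: Extra arguments forwarded to ``_generate_key_query``.

        Returns:
            list: The ``Policy`` objects that could be built.
        """
        policies = []
        policy_paginator = self.client.get_paginator('list_policies')

        query = self._generate_key_query('Scope',
                                         'Local',
                                         '',
                                         is_paginate=True,
                                         **query)
        response_iterator_local = policy_paginator.paginate(**query)

        for data in response_iterator_local:
            for policy in data.get('Policies', []):
                policy_arn = policy.get('Arn')
                description = self.list_policy_description(policy_arn)

                # NOTE(review): the rebuilt `query` is not passed to any call
                # below; it only feeds the next iteration's rebuild. Kept
                # because _generate_key_query is not visible here.
                query = self._generate_key_query('PolicyArn',
                                                 policy_arn,
                                                 'Scope',
                                                 is_paginate=True,
                                                 **query)

                permission_summary = self.list_policy_summary(
                    policy_arn, policy.get('DefaultVersionId'))
                policy.update({
                    'description': description,
                    'policy_usage': self.list_policy_usage(policy_arn),
                    'permission': permission_summary,
                    'permission_versions': self.list_policy_versions(policy_arn),
                    'policy_type': 'Custom Managed',
                })

                try:
                    policies.append(Policy(policy, strict=False))
                except Exception as e:
                    # A skipped policy is a gap in the IAM inventory: report
                    # which ARN was dropped and why, instead of leaving only
                    # a debug-level dump that discards the exception.
                    # (assumes _LOGGER is a standard logging.Logger)
                    _LOGGER.warning('[IAM: Policy skipped]: %s (%r)',
                                    policy_arn, e)
                    _LOGGER.debug(f'[IAM: Policy details]: {policy}')

        return policies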