def __init__(self, data, options):
self.data = data
self.options = options
# We store all the policies passed in so we can refilter later
self._all_policies = []
session = utils.get_profile_session(options)
for p in self.data.get('policies', []):
all_regions = session.get_available_regions(p['resource'])
if 'all' in options.regions:
options.regions = all_regions
for region in options.regions:
if region not in all_regions:
# TODO - do we want a message
continue
options_copy = copy.copy(options)
# TODO - why doesn't aws like unicode regions?
options_copy.region = str(region)
self._all_policies.append(
Policy(p, options_copy, session_factory=self.test_session_factory()))
# Do an initial filtering
self.policies = []
resource_type = getattr(self.options, 'resource_type', None)
policy_name = getattr(self.options, 'policy_filter', None)
self.policies = self.filter(policy_name, resource_type)
def _default_account_id(options):
if options.assume_role:
try:
options.account_id = options.assume_role.split(':')[4]
return
except IndexError:
pass
try:
session = utils.get_profile_session(options)
options.account_id = get_account_id_from_sts(session)
except:
options.account_id = None
def _default_region(options):
marker = object()
value = getattr(options, 'regions', marker)
if value is marker:
return
if len(value) > 0:
return
try:
options.regions = [utils.get_profile_session(options).region_name]
except:
log.warning('Could not determine default region')
options.regions = [None]
if options.regions[0] is None:
log.error('No default region set. Specify a default via AWS_DEFAULT_REGION '
'or setting a region in ~/.aws/config')
sys.exit(1)
log.debug("using default region:%s from boto" % options.regions[0])
