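def getAWSPolicyDocument(ctx, policyName):
    """Return the default-version document of an AWS policy, if it is known.

    Args:
        ctx: Tool context; used for logging and passed to the aws_policies helpers.
        policyName: Name of the policy to look up.

    Returns:
        Whatever aws_policies.getDefaultPolicyVersion returns for the policy,
        or None when aws_policies.getPolicyMeta has no entry for it (a message
        is logged in that case).
    """
    meta = aws_policies.getPolicyMeta(ctx, policyName)
    if meta is None:
        ctx.log('AWS policy %s was not found' % policyName)
        # Explicit None: the not-found path must never reach an unassigned
        # local, and callers can distinguish "not found" from a document.
        return None
    return aws_policies.getDefaultPolicyVersion(ctx, policyName)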
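def showAWSPolicy(ctx, targetRegion, targetEnv, targetService, targetPolicy):
    """Print the metadata and default-version document of AWS policies.

    Args:
        ctx: Tool context; provides awsPolicyMeta (policy name -> metadata)
            and dumps() for rendering a policy document.
        targetRegion: Not used by this function.
        targetEnv: Not used by this function.
        targetService: Not used by this function.
        targetPolicy: Name of a single policy to show, or None to show every
            policy listed in ctx.awsPolicyMeta.

    Raises:
        KeyError: If targetPolicy is not a key of ctx.awsPolicyMeta.
    """
    def _echo_policy(name):
        # Metadata line, a blank line, then the rendered policy document.
        click.echo('%s: %s' % (name, ctx.awsPolicyMeta[name]))
        click.echo('')
        click.echo(ctx.dumps(aws_policies.getDefaultPolicyVersion(ctx, name)))

    if targetPolicy is not None:
        _echo_policy(targetPolicy)
        return

    for policyName in ctx.awsPolicyMeta:
        _echo_policy(policyName)
        # A separator is only printed when listing several policies.
        click.echo('-------------------------------------')
        click.echo('')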
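def compareModel2AWS(ctx, policyName, meta, diff_type, context_lines):
    """Compare the modelled policy document with the default version in AWS.

    Both documents are serialised to indented JSON and compared line by line
    with difflib, so this is a textual comparison: two policies that grant the
    same permissions but are written differently are reported as different.

    Args:
        ctx: Tool context; used for verbose logging and passed to the fetchers.
        policyName: Name of the policy to compare.
        meta: Not used by this function; kept for call compatibility.
        diff_type: 'context' or 'ndiff'; any other value selects a unified diff.
        context_lines: Number of context lines for context and unified diffs.

    Returns:
        A (matched, diff) tuple. matched is True when no difference was found
        and diff is then None; otherwise diff is the list of diff lines.
        (False, None) is returned when the AWS policy could not be fetched.
    """
    statement = Reorder()
    statement.model = ['Effect', 'Action', 'Resource']
    document = Reorder()
    document.model = ['Version', 'Statement']

    ctx.vlog('Fetching AWS policy: %s' % policyName)
    awsPolicy = aws_policies.getDefaultPolicyVersion(ctx, policyName)
    if awsPolicy is None:
        return False, None

    # Only the AWS side is normalised here; the model document is dumped as
    # returned by getModelPolicyDocument.
    # NOTE(review): how Reorder treats keys outside its model (e.g. Condition,
    # Sid, NotAction) is not visible here - confirm they are preserved,
    # otherwise a difference in those elements would go unreported.
    awsPolicy = document.do(awsPolicy)
    awsPolicy['Statement'] = statement.dolist(awsPolicy['Statement'])
    awsLines = json.dumps(awsPolicy, indent=4).splitlines()

    ctx.vlog('Fetching Model policy')
    modelPolicy = getModelPolicyDocument(ctx, policyName)
    modelLines = json.dumps(modelPolicy, indent=4).splitlines()

    # The model is the "from" side and AWS the "to" side of every diff, so the
    # file labels must be given in that order. With the labels reversed, a
    # reader of the diff header attributes each added or removed permission
    # to the wrong side.
    if diff_type == 'ndiff':
        lines = list(difflib.ndiff(modelLines, awsLines))
        # ndiff emits every line; only '-', '+' and '?' prefixes mark a change.
        differs = any(line.startswith(('-', '+', '?')) for line in lines)
    elif diff_type == 'context':
        lines = list(difflib.context_diff(modelLines, awsLines,
                                          'Model', 'AWS', n=context_lines))
        differs = bool(lines)
    else:
        lines = list(difflib.unified_diff(modelLines, awsLines,
                                          'Model', 'AWS', n=context_lines))
        differs = bool(lines)

    # The diff is handed back only when a difference exists, for all modes.
    if differs:
        return False, lines
    return True, None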