示例#1
0
 def policy_documents(self) -> List[OptionallyNamedPolicyDocument]:
     result = []
     policies = self.Properties.Policies if self.Properties and self.Properties.Policies else []
     for policy in policies:
         result.append(
             OptionallyNamedPolicyDocument(
                 name=policy.PolicyName,
                 policy_document=policy.PolicyDocument))
     return result
示例#2
0
 def obtain_policy_documents(self, policy_documents: List,
                             properties: List[Any]):
     """
     Obtains recursively all the optionally named policy documents within a given list of properties.
     """
     for property_type in properties:
         if isinstance(property_type, PolicyDocument):
             policy_documents.append(
                 OptionallyNamedPolicyDocument(
                     policy_document=property_type, name=None))
         elif isinstance(property_type, Policy):
             policy_documents.append(
                 OptionallyNamedPolicyDocument(
                     name=property_type.PolicyName,
                     policy_document=property_type.PolicyDocument))
         elif isinstance(property_type, OptionallyNamedPolicyDocument):
             policy_documents.append(property_type)
         elif isinstance(property_type, list):
             self.obtain_policy_documents(policy_documents=policy_documents,
                                          properties=property_type)
         elif isinstance(property_type, Generic):
             self.obtain_policy_documents(
                 policy_documents=policy_documents,
                 properties=list(property_type.__dict__.values()))
示例#3
0
def test_can_obtain_policy_documents_from_inherited_method(valid_opensearch_domain_with_access_policies):
    assert len(valid_opensearch_domain_with_access_policies.policy_documents) == 1
    assert valid_opensearch_domain_with_access_policies.policy_documents == [
        OptionallyNamedPolicyDocument(
            policy_document=PolicyDocument(
                Statement=[
                    Statement(
                        Effect="Allow",
                        Action="es:*",
                        Resource="arn:aws:es:us-east-1:123456789012:domain/test/*",
                        Principal=Principal(AWS="arn:aws:iam::123456789012:user/opensearch-user"),
                    )
                ]
            ),
            name=None,
        ),
    ]
示例#4
0
 def policy_documents(self) -> List[OptionallyNamedPolicyDocument]:
     return [
         OptionallyNamedPolicyDocument(
             name=None, policy_document=self.Properties.PolicyDocument)
     ]
示例#5
0
def test_iamgroup_policy_documents(iam_group):
    assert iam_group.policy_documents == [
        OptionallyNamedPolicyDocument(
            name="BadPolicy",
            policy_document=iam_group.Properties.Policies[0].PolicyDocument)
    ]
示例#6
0
def test_iam_role_policy_documents(iam_user):
    assert iam_user.policy_documents == [
        OptionallyNamedPolicyDocument(name="BadPolicy", policy_document=iam_user.Properties.Policies[0].PolicyDocument)
    ]
示例#7
0
def test_iamrole_policy_documents(iam_role):
    assert iam_role.policy_documents == [
        OptionallyNamedPolicyDocument(
            name="root",
            policy_document=iam_role.Properties.Policies[0].PolicyDocument)
    ]