probator_auditor_iam.IAMAuditor
Bases: probator.plugins.BaseAuditor
Validate and apply IAM policies for AWS accounts.
run()
Iterate through all AWS accounts and apply roles and policies from GitHub.
Returns: None
get_policies_from_git()
Retrieve policies from the Git repo. Returns a dictionary containing all the roles and policies.
Returns: dict
Return type: dict of str
get_policies_from_aws(client, scope='Local')
Returns a list containing all the policies currently applied to an AWS account for the specified scope.
Parameters:
Returns:
get_roles(client)
Returns a list containing all the roles for the account.
Parameters: client (boto3.session.Session) – A boto3 Session object
Returns: list of dict
create_policy(account, client, document, name, arn=None)
Create a new IAM policy.
If the policy already exists, a new version will be added and, if needed, the oldest policy version not in use will be removed. Returns a dictionary containing the policy or version information.
Parameters:
Returns: dict
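The version rotation that create_policy describes, as an added example that is not probator's own code. It assumes `iam` is a boto3 IAM client, that "not in use" means "not the default version", and that the new version is set as default; the function names and the stub client are hypothetical.

```python
import json
from datetime import datetime, timezone

MAX_VERSIONS = 5  # AWS IAM limit on stored versions per managed policy


def version_to_prune(versions, limit=MAX_VERSIONS):
    """Return the VersionId to delete before adding a version, or None."""
    if len(versions) < limit:
        return None
    # The default version is the one in effect and cannot be deleted.
    unused = [v for v in versions if not v["IsDefaultVersion"]]
    if not unused:
        raise RuntimeError("policy is at the version limit with nothing to prune")
    return min(unused, key=lambda v: v["CreateDate"])["VersionId"]


def add_policy_version(iam, arn, document):
    """Publish `document` as the new default version of an existing policy."""
    versions = iam.list_policy_versions(PolicyArn=arn)["Versions"]
    stale = version_to_prune(versions)
    if stale is not None:
        iam.delete_policy_version(PolicyArn=arn, VersionId=stale)
    return iam.create_policy_version(
        PolicyArn=arn, PolicyDocument=json.dumps(document), SetAsDefault=True
    )["PolicyVersion"]


class StubIAM:
    """Constructed stand-in for a boto3 IAM client so the example runs offline."""

    def __init__(self, versions):
        self.versions, self.deleted = versions, []

    def list_policy_versions(self, PolicyArn):
        return {"Versions": list(self.versions)}

    def delete_policy_version(self, PolicyArn, VersionId):
        self.deleted.append(VersionId)
        self.versions = [v for v in self.versions if v["VersionId"] != VersionId]

    def create_policy_version(self, PolicyArn, PolicyDocument, SetAsDefault):
        return {"PolicyVersion": {"VersionId": "v6", "IsDefaultVersion": SetAsDefault}}


def sample_versions():
    # Constructed data: v1 is the oldest but is the default, so v2 is pruned.
    day = lambda d: datetime(2024, 1, d, tzinfo=timezone.utc)
    return [{"VersionId": f"v{i}", "IsDefaultVersion": i == 1, "CreateDate": day(i)}
            for i in range(1, 6)]
```

Selecting by creation date alone would pick the default version here, and IAM rejects deleting the default, so the filter has to come before the age comparison.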