How to use the cloudaux.aws.iam.list_roles function in cloudaux

To help you get started, we’ve selected a few cloudaux examples, based on popular ways it is used in public projects.


GitHub: Netflix / security_monkey / security_monkey / watchers / iam / iam_role.py
def list_method(self, **kwargs):
    all_roles = list_roles(**kwargs)
    items = []

    for role in all_roles:
        role["Region"] = "us-east-1"  # IAM is global
        items.append(role)

    return items
GitHub: Netflix / repokid / repokid / cli / repokid_cli.py
      9) get Aardvark data for each role
      10) update Dynamo with Aardvark data
      11) calculate repoable permissions/policies for all the roles
      12) update Dynamo with information about how many total and repoable permissions and which services are repoable
      13) update stats in Dynamo with basic information like total permissions and which filters are applicable

    Args:
        account_number (string): The current account number Repokid is being run against

    Returns:
        None
    """
    conn = config['connection_iam']
    conn['account_number'] = account_number

    roles = Roles([Role(role_data) for role_data in list_roles(**conn)])

    active_roles = []
    LOGGER.info('Updating role data for account {}'.format(account_number))
    for role in tqdm(roles):
        role.account = account_number
        current_policies = get_role_inline_policies(role.as_dict(), **conn) or {}
        active_roles.append(role.role_id)
        roledata.update_role_data(dynamo_table, account_number, role, current_policies)

    LOGGER.info('Finding inactive accounts')
    roledata.find_and_mark_inactive(dynamo_table, account_number, active_roles)

    LOGGER.info('Filtering roles')
    plugins = FilterPlugins()

    # Blacklist needs to know the current account
GitHub: Netflix-Skunkworks / aardvark / aardvark / updater / __init__.py
def _get_arns(self):
    """
    Gets a list of all Role ARNs in a given account, optionally limited by
    class property ARN filter
    :return: list of role ARNs
    """
    client = boto3_cached_conn(
        'iam', service_type='client', **self.conn_details)

    account_arns = set()

    for role in list_roles(**self.conn_details):
        account_arns.add(role['Arn'])

    for user in list_users(**self.conn_details):
        account_arns.add(user['Arn'])

    for page in client.get_paginator('list_policies').paginate(Scope='Local'):
        for policy in page['Policies']:
            account_arns.add(policy['Arn'])

    for page in client.get_paginator('list_groups').paginate():
        for group in page['Groups']:
            account_arns.add(group['Arn'])

    result_arns = set()
    for arn in self.arn_list:
        if arn.lower() == 'all':