How to use the parliament.policy.Policy function in parliament

To help you get started, we’ve selected a few parliament examples, based on popular ways it is used in public projects.


Example from duo-labs/parliament, file parliament/__init__.py (GitHub):
def analyze_policy_string(policy_str, filepath=None):
    """Parse a JSON policy string and return a Policy object with its findings.

    Malformed JSON is not raised to the caller. Instead a Policy built from
    None is returned carrying a single MALFORMED_JSON finding, so callers
    must inspect the findings rather than rely on an exception.
    """
    # TODO Need to write my own json parser so I can track line numbers. See https://stackoverflow.com/questions/7225056/python-json-decoding-library-which-can-associate-decoded-items-with-original-li
    try:
        parsed = json.loads(policy_str)
    except ValueError as err:
        # The parse failure becomes a finding; analyze() is not run on this
        # object and filepath is not passed to it.
        unparsed = Policy(None)
        message = "json parsing error: {}".format(err)
        unparsed.add_finding("MALFORMED_JSON", detail=message)
        return unparsed

    analyzed = Policy(parsed, filepath)
    analyzed.analyze()
    return analyzed
Example from duo-labs/cloudmapper, file commands/access_check.py (GitHub):
def get_privilege_statements(policy_doc, privilege_matches, resource_arn, principal):
    """Analyze policy_doc and match its privilege references against resource_arn.

    NOTE(review): this listing is truncated after the ARN-match condition, so
    what gets collected and returned is not visible here.
    """
    # Wrap the raw policy document and run parliament's analysis before
    # querying it for references.
    policy = parliament.policy.Policy(policy_doc)
    policy.analyze()

    policy_privilege_matches = []

    for privilege_match in privilege_matches:
        # Each privilege_match is read as a mapping with the keys
        # "privilege_prefix", "privilege_name" and "resource_type".
        references = policy.get_references(
            privilege_match["privilege_prefix"], privilege_match["privilege_name"]
        )

        statements_for_resource = []
        for reference in references:
            # Presumably substitutes principal-specific policy variables into
            # the reference before it is compared with the concrete ARN;
            # verify against replace_principal_variables.
            expanded_reference = replace_principal_variables(reference, principal)
            # TODO I need to do something for NotResource and NotAction
            # NOTE(review): per the TODO above, NotResource/NotAction are not
            # handled here, so an access check built on this loop may
            # under-report what a principal can reach. Treat a "no match"
            # result as inconclusive for policies that use those elements.
            if parliament.is_arn_match(
                privilege_match["resource_type"], expanded_reference, resource_arn
            ):
Example from duo-labs/parliament, file parliament/__init__.py (GitHub):
def analyze_policy_string(policy_str, filepath=None):
    """Turn a JSON policy string into an analyzed Policy object.

    A string that fails JSON decoding does not raise. The returned Policy is
    constructed from None and holds one MALFORMED_JSON finding describing the
    decoder error, so the caller has to check findings to detect the failure.
    """
    # TODO Need to write my own json parser so I can track line numbers. See https://stackoverflow.com/questions/7225056/python-json-decoding-library-which-can-associate-decoded-items-with-original-li
    try:
        document = json.loads(policy_str)
    except ValueError as decode_error:
        # No analyze() call and no filepath on this path; only the finding.
        rejected = Policy(None)
        rejected.add_finding(
            "MALFORMED_JSON",
            detail="json parsing error: {}".format(decode_error),
        )
        return rejected
    else:
        checked = Policy(document, filepath)
        checked.analyze()
        return checked