How to use the policyuniverse.score_policy function in policyuniverse
To help you get started, we’ve selected a few policyuniverse examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
Netflix-Skunkworks / policyuniverse / tests / TestMethods.py View on Github 
"Action": [
"sqs:SetQueueAttributes",
"sqs:AddPermission"
],
"Resource": "*",
"Effect": "Allow"
},{
"Action": [
"sns:SetTopicAttributes",
"sns:AddPermission"
],
"Resource": "*",
"Effect": "Allow"
}]
}
score, service_tags, service_score = score_policy(policy)
self.assertEqual(service_tags['iam'], {'CONTROL_PLANE', 'MUTATING'})
self.assertEqual(service_score['iam'], 7)
self.assertEqual(service_tags['s3'], {'CONTROL_PLANE', 'MUTATING'})
self.assertEqual(service_score['s3'], 7)
self.assertEqual(service_tags['sqs'], {'CONTROL_PLANE', 'MUTATING'})
self.assertEqual(service_score['sqs'], 7)
self.assertEqual(service_tags['sns'], {'CONTROL_PLANE', 'MUTATING'})
self.assertEqual(service_score['sns'], 7)
self.assertEqual(score, 47)"Effect": "Allow"
},{
"Action": [
"sns:Publish"
],
"Resource": "*",
"Effect": "Allow"
},{
"Action": [
"iam:ListRoles",
],
"Resource": "*",
"Effect": "Allow"
}]
}
score, service_tags, service_score = score_policy(policy)
self.assertEqual(service_tags['s3'], {'DATA_PLANE', 'MUTATING'})
self.assertEqual(service_score['s3'], 6)
self.assertEqual(service_tags['sqs'], {'DATA_PLANE', 'SIDE_EFFECT'})
self.assertEqual(service_score['sqs'], 5)
self.assertEqual(service_tags['sns'], {'DATA_PLANE', 'SIDE_EFFECT'})
self.assertEqual(service_score['sns'], 5)
self.assertEqual(service_tags['iam'], {'READ'})
self.assertEqual(service_score['iam'], 1)
self.assertEqual(score, 23)policyuniverse
Parse and Process AWS IAM Policies, Statements, ARNs, and wildcards.
Package Health Score
74 / 100Popular policyuniverse functions
- policyuniverse._action_categories.get
- policyuniverse._action_categories.items
- policyuniverse._expand_wildcard_action
- policyuniverse._get_desired_actions_from_statement
- policyuniverse._get_prefixes_for_action
- policyuniverse.action.build_service_actions_from_service_data
- policyuniverse.action_categories.build_action_categories_from_service_data
- policyuniverse.action_categories.categories_for_actions
- policyuniverse.all_permissions
- policyuniverse.all_permissions.difference
- policyuniverse.arn.ARN
- policyuniverse.expand_minimize_over_policies
- policyuniverse.expand_policy
- policyuniverse.expander_minimizer._get_prefixes_for_action
- policyuniverse.get_actions_from_statement
- policyuniverse.logger
- policyuniverse.policy.Policy
- policyuniverse.score_policy