Stop more checks if invalid resources are found #159
Great project by the way! Glad I could try to contribute like @danielpops and @piax93, small world.
@@ -41,7 +41,7 @@ This example is showing that the action s3:GetObject requires a resource matchin | |||
The different input types allowed include: | |||
- --file: Filename | |||
- --directory: A directory path, for exmaple: `--directory . --include_policy_extension json --exclude_pattern ".*venv.*"` | |||
- --aws-managed-policies: For use specifically with the repo https://github.com/SummitRoute/aws_managed_policies | |||
- --aws-managed-policies: For use specifically with the repo https://github.com/z0ph/aws_managed_policies |
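Review bot: The unchanged `--directory` context line directly above the updated link still reads "for exmaple". Since this PR also fixes spelling elsewhere, correct it to "for example" in the same change.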
Good call since I don't update my repo anymore.
for setting, settting_value in settings.items(): | ||
config[finding_type][setting] = settting_value | ||
for setting, setting_value in settings.items(): | ||
config[finding_type][setting] = setting_value |
Nice catch on the spelling issue
@@ -641,7 +642,7 @@ def analyze_statement(self): | |||
""" | |||
Given a statement, look for problems and extract out the parts. | |||
|
|||
If it is maformed, return False | |||
If it is malformed, return False |
Nice spelling catch again
@@ -955,4 +955,4 @@ def analyze_statement(self): | |||
"RESOURCE_STAR", detail=sorted(self.resource_star), location=self.stmt | |||
) | |||
|
|||
return True | |||
return not has_malformed_resource |
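Review bot: `return not has_malformed_resource` is evaluated only on the last line of analyze_statement, after the RESOURCE_STAR finding has been added, so every check in the method still runs on a statement with a malformed resource and only the caller learns that it failed. Neither the assignment of has_malformed_resource nor a test is visible in this hunk. Please confirm the flag is initialised on every path that reaches this return, and add a case to test_resources.py asserting that a policy with an INVALID_ARN yields that finding without exceptions from the community auditors.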
I think this line is the only change the PR mentioned?
Yup, I added a couple of lines about the 2 other commits now, let me know if you'd prefer I mention it in the PR title.
Thank you @KevinHock! Looks like your PR includes a lot of additional changes. I like the spelling changes and the link change, but I'd rather keep my for loop logic as is, as opposed to using
sgtm @0xdabbad00 :) Made the changes
LGTM. This can be merged @steiza
Analyzing a policy with an INVALID_ARN gives exceptions from all of the community auditors
e.g.
from test_resources.py
Also:
Update managed policies repo link to @z0ph's
Fix some spelling