Fix IAM definition update code (#254)
update awsdocs.py for new AWS formatting changes
reetasingh committed Oct 16, 2020
1 parent 0b3398a commit e6d275b
Showing 237 changed files with 9,684 additions and 1,031 deletions.
35 changes: 18 additions & 17 deletions policy_sentry/shared/awsdocs.py
Expand Up @@ -26,6 +26,17 @@

logger = logging.getLogger(__name__) # pylint: disable=invalid-name

def header_matches(string, table):
"""checks if the string is found in the table header"""
headers = [chomp(str(x)).lower() for x in table.find_all("th")]
match_found = False
for header in headers:
if string in header:
match_found = True
break
if not match_found:
return False
return True

def get_links_from_base_actions_resources_conditions_page():
"""Gets the links from the actions, resources, and conditions keys page, and returns their filenames."""
Expand Down Expand Up @@ -171,7 +182,7 @@ def create_database(destination_directory, access_level_overrides_file):
# Get service name
title = main_content.find("h1", class_="topictitle").text
title = re.sub(
".*Actions, Resources, and Condition Keys for *", "", str(title),
".*Actions, resources, and condition Keys for *", "", str(title),
flags=re.IGNORECASE
)

Expand Down Expand Up @@ -202,9 +213,7 @@ def create_database(destination_directory, access_level_overrides_file):
for table in tables:
# There can be 3 tables, the actions table, an ARN table, and a condition key table
# Example: https://docs.aws.amazon.com/IAM/latest/UserGuide/list_awssecuritytokenservice.html
if "<th> Actions </th>" not in [
chomp(str(x)) for x in table.find_all("th")
]:
if not header_matches("actions", table) or not header_matches("description", table):
continue

rows = table.find_all("tr")
Expand All @@ -219,12 +228,9 @@ def create_database(destination_directory, access_level_overrides_file):
continue

if len(cells) != 6:
# Sometimes the privilege might span multiple rows.
# Example: amazonroute53-DisassociateVPCFromHostedZone
# We should be handling this, but if we are not, then bail
raise Exception(
"Unexpected format in {}: {}".format(prefix, row)
)
# Sometimes the privilege contains Scenarios, and I don't know how to handle this
# raise Exception("Unexpected format in {}: {}".format(prefix, row))
break

# See if this cell spans multiple rows
rowspan = 1
Expand Down Expand Up @@ -326,8 +332,7 @@ def create_database(destination_directory, access_level_overrides_file):

# Get resource table
for table in tables:
header_cells = [chomp(str(x)) for x in table.find_all("th")]
if "<th> Resource Types </th>".lower() not in (cell.lower() for cell in header_cells):
if not header_matches("resource types", table) or not header_matches("arn", table):
continue

rows = table.find_all("tr")
Expand Down Expand Up @@ -360,11 +365,7 @@ def create_database(destination_directory, access_level_overrides_file):

# Get condition keys table
for table in tables:
if "<th> Condition Keys </th>".lower() not in [
chomp(str(x)).lower() for x in table.find_all("th")
] or "<th> Type </th>".lower() not in [
chomp(str(x)).lower() for x in table.find_all("th")
]:
if not (header_matches("<th> condition keys </th>", table) and header_matches("<th> type </th>", table)):
continue

rows = table.find_all("tr")
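Review bot: In the `len(cells) != 6` branch, the new `break` silently abandons the rest of the loop at the first row with an unexpected cell count, where the old code raised; nothing is logged, so a service whose table contains such a row ends up with a truncated action list in the generated IAM database and no signal that anything was skipped. Since that database is what policies are later written from, the gap should at least be visible: emit `logger.warning("Unexpected format in %s: %s", prefix, row)` before leaving the branch, and use `continue` instead of `break` if the following rows are independent of the malformed one (the rowspan handling just below suggests this needs checking). The commented-out `raise` should be deleted rather than kept as dead code. The enclosing loop and the rest of `create_database` lie outside the hunk, so the exact scope of the `break` is inferred.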
2 changes: 1 addition & 1 deletion policy_sentry/shared/data/docs/list_alexaforbusiness.html
Expand Up @@ -127,7 +127,7 @@ <h1 class="topictitle" id="list_alexaforbusiness">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/a4b/latest/APIReference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazonapigateway.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazonapigateway">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/apigateway/api-reference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazonapigateway">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-control-access-to-api.html">
using IAM
using IAM
</a>
permission policies.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazonappflow.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazonappflow">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/appflow/1.0/APIReference/Welcome.html">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazonappflow">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/appflow/latest/userguide/auth-and-access-control.html">
using IAM
using IAM
</a>
permission policies.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazonappstream2.0.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazonappstream2.0">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/appstream2/latest/APIReference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazonappstream2.0">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/appstream2/latest/developerguide/controlling-access.html">
using IAM
using IAM
</a>
permission policies.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazonathena.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazonathena">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/athena/latest/APIReference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazonathena">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/athena/latest/ug/access.html">
using IAM
using IAM
</a>
permission policies.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazonbraket.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazonbraket">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/braket/latest/APIReference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazonbraket">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/braket/latest/UserGuide/braket-manage-access.html">
using IAM
using IAM
</a>
permission policies.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazonchime.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazonchime">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/chime/latest/APIReference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazonchime">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/chime/latest/ag/control-access.html">
using IAM
using IAM
</a>
permission policies.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazonclouddirectory.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazonclouddirectory">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/directoryservice/latest/APIReference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazonclouddirectory">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/directoryservice/latest/admin-guide/UsingWithDS_IAM_AuthNAccess.html">
using IAM
using IAM
</a>
permission policies.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazoncloudfront.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazoncloudfront">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/cloudfront/latest/APIReference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazoncloudfront">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/auth-and-access-control.html/">
using IAM
using IAM
</a>
permission policies.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazoncloudsearch.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazoncloudsearch">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/cloudsearch/latest/developerguide/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazoncloudsearch">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/cloudsearch/latest/developerguide/access_permissions.html">
using IAM
using IAM
</a>
permission policies.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazoncloudwatch.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazoncloudwatch">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazoncloudwatch">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/auth-and-access-control-cw.html">
using IAM
using IAM
</a>
permission policies.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazoncloudwatchlogs.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazoncloudwatchlogs">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazoncloudwatchlogs">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/auth-and-access-control-cw.html">
using IAM
using IAM
</a>
permission policies.
</p>
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazoncloudwatchsynthetics">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/AmazonSynthetics/latest/APIReference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazoncloudwatchsynthetics">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/auth-and-access-control-cw.html">
using IAM
using IAM
</a>
permission policies.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazoncodeguru.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazoncodeguru">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/codeguru/latest/profiler-api/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazoncodeguru">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/codeguru/latest/profiler-ug/security-iam.html">
using IAM
using IAM
</a>
permission policies.
</p>
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazoncodeguruprofiler">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/codeguru/latest/profiler-api/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazoncodeguruprofiler">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/codeguru/latest/profiler-ug/security-iam.html">
using IAM
using IAM
</a>
permission policies.
</p>
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazoncodegurureviewer">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/codeguru/latest/reviewer-api/Welcome.html">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazoncodegurureviewer">
<p>
Learn how to secure this service and its resources by
<a href="${UserGuideDocPage}" target="_blank">
using IAM
using IAM
</a>
permission policies.
</p>
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazoncognitoidentity">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/cognitoidentity/latest/APIReference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazoncognitoidentity">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html">
using IAM
using IAM
</a>
permission policies.
</p>
4 changes: 2 additions & 2 deletions policy_sentry/shared/data/docs/list_amazoncognitosync.html
Expand Up @@ -136,7 +136,7 @@ <h1 class="topictitle" id="list_amazoncognitosync">
<p>
View a list of the
<a href="https://docs.aws.amazon.com/cognitosync/latest/APIReference/">
API operations available for this service
API operations available for this service
</a>
.
</p>
Expand All @@ -145,7 +145,7 @@ <h1 class="topictitle" id="list_amazoncognitosync">
<p>
Learn how to secure this service and its resources by
<a href="https://docs.aws.amazon.com/cognito/latest/developerguide/resource-permissions.html#amazon-cognito-amazon-resource-names">
using IAM
using IAM
</a>
permission policies.
</p>