Fix IAM definition update code #253
Comments
@kmcquade taking this up. ok to assign this to me?
@kmcquade there is no file
This was closed by #254 thanks to @reetasingh. In the pull request, I explained some of the testing strategy. I am providing that text here for documentation purposes.
Testing strategy so far
Generally, my testing strategy has gone like this so far:
I'm going to paste this very informative text about the testing strategy in the relevant GitHub issue so others can find it later lol.
AWS changed the format of the Actions, Resources, and Condition Keys page slightly. Since we use that as the data source for the IAM Definition (as described in our documentation here), we need to update the IAM update process.
Luckily, Scott Piper figured out the modifications that are required in this PR to duo-labs/parliament. Since we both use the same approach for our IAM update process, it is relatively straightforward to make this fix.
The key code, which matches up pretty well with his code, is here.
policy_sentry/policy_sentry/shared/awsdocs.py
Line 137 in 0b3398a
If anyone takes this up, I suggest looking at the diff from his PR, matching that up with the corresponding parts in ours, and then running the utils/update_iam_data.py script to see if it updates properly. You can check the iam_definition.json file in this folder to see if it worked successfully.