No project description provided

These details have not been verified by PyPI

Project links

Project description

IAM SARIF Report

Validate your IAM Policies and SCPs with AWS Policy Validator, and convert those results into SARIF documents for reporting.

Use Me

To generate findings, iam-sarif-report makes AWS API requests. The AWS Principal you use must be allowed to use the access-analyzer:ValidatePolicy command.

{
  "Effect": "Allow",
  "Action": "access-analyzer:ValidatePolicy",
  "Resource": "*"
}

GitHub Action

See the action.yaml for detailed usage information.

on: [push]
jobs:
  example:
    permissions:
      id-token: write
      security-events: write # When using GitHub Advanced Security
      actions: read
      contents: read
      checks: write # When using SARIF annotator
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v3

      # setup aws access
      - uses: aws-actions/configure-aws-credentials@v3
        with:
          role-to-assume: arn:aws:iam::111111111111:role/my-github-actions-role-test
          aws-region: eu-west-1

      # validate some policies and write a SARIF result file
      - uses: georgealton/iam-sarif-report@v2
        with:
          policies: policies/
          result: results/iam.sarif

      # Public repositories and Organizations with GitHub Advanced Security
      # can upload sarif files using CodeQL
      - uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: results

      # Without GitHub Advanced Security use sarif-annotator
      - uses: SirYwell/sarif-annotator@v0.2.1
        with:
          report-path: results/iam.sarif
          source: qodana

Locally

pipx run iam-sarif-report tests/data/policy_checks/policies/*

Project details

These details have not been verified by PyPI

Project links

Release history Release notifications | RSS feed

This version

2.3.3

Aug 8, 2024

2.3.2

Apr 4, 2024

2.3.1

Feb 28, 2024

2.3.0

Feb 28, 2024

2.2.0

Oct 5, 2022

2.1.0

Jul 2, 2022

2.0.1

Jun 22, 2022

2.0.0

Jun 15, 2022

1.0.0

Jun 6, 2022

0.1.0

Apr 14, 2022

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

iam_sarif_report-2.3.3.tar.gz (58.4 kB view details)

Uploaded Aug 8, 2024 Source

Built Distribution

iam_sarif_report-2.3.3-py3-none-any.whl (37.3 kB view details)

Uploaded Aug 8, 2024 Python 3

File details

Details for the file iam_sarif_report-2.3.3.tar.gz.

File metadata

Download URL: iam_sarif_report-2.3.3.tar.gz
Upload date: Aug 8, 2024
Size: 58.4 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.1.0 CPython/3.12.5

File hashes

Hashes for iam_sarif_report-2.3.3.tar.gz
Algorithm	Hash digest
SHA256	`512938445d823370555c532be8546fd6748a9eabb4942200609e8c127288c212`
MD5	`c3b35eff54c738110740f75b8123faa8`
BLAKE2b-256	`7daaf0720c12009530f978484954e29264d82c083a60e173857b47f4c89d5e82`

See more details on using hashes here.

File details

Details for the file iam_sarif_report-2.3.3-py3-none-any.whl.

File metadata

Download URL: iam_sarif_report-2.3.3-py3-none-any.whl
Upload date: Aug 8, 2024
Size: 37.3 kB
Tags: Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/5.1.0 CPython/3.12.5

File hashes

Hashes for iam_sarif_report-2.3.3-py3-none-any.whl
Algorithm	Hash digest
SHA256	`3cedad73577ea97bead6d134d54efea9b4227de00edcdc73e05d097e9b059102`
MD5	`35b414957794fc1089e4d219938eba3e`
BLAKE2b-256	`08b4357d829b9b822e3e5aa41496da4c7a9fef28ebf9ea967a8109165ac38641`