Yasuke/moto
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
so/fix-multipart-parsing
moto/scripts/update_managed_policies.py
Bert Blommers a92dcd149d
IAM - reduce filesize default policies (#5263)
2022-06-26 12:01:25 +00:00

81 lines
2.3 KiB
Python
Executable File
Raw Permalink Blame History

#!/usr/bin/env python
# This updates our local copies of AWS' managed policies
# Invoked via `make update_managed_policies`
#
# Credit goes to
# https://gist.github.com/gene1wood/55b358748be3c314f956
from botocore.exceptions import NoCredentialsError
from datetime import datetime
import boto3
import json
import sys
output_file = "./moto/iam/aws_managed_policies.py"
def json_serial(obj):
"""JSON serializer for objects not serializable by default json code"""
if isinstance(obj, datetime):
serial = obj.isoformat()
return serial
raise TypeError("Type not serializable")
client = boto3.client("iam")
policies = {}
paginator = client.get_paginator("list_policies")
try:
response_iterator = paginator.paginate(Scope="AWS")
for response in response_iterator:
for policy in response["Policies"]:
policy.pop("AttachmentCount", None)
policy.pop("IsAttachable", None)
policy.pop("IsDefaultVersion", None)
policy.pop("PolicyId", None)
policy_name = policy.pop("PolicyName")
policies[policy_name] = policy
except NoCredentialsError:
print("USAGE:")
print("Put your AWS credentials into ~/.aws/credentials and run:")
print(__file__)
print("")
print("Or specify them on the command line:")
print(
"AWS_ACCESS_KEY_ID=your_personal_access_key AWS_SECRET_ACCESS_KEY=your_personal_secret {}".format(
__file__
)
)
print("")
sys.exit(1)
for policy_name in policies:
# We don't need the ARN afterwards
policy_arn = policies[policy_name].pop("Arn")
response = client.get_policy_version(
PolicyArn=policy_arn,
VersionId=policies[policy_name]["DefaultVersionId"],
)
for key in response["PolicyVersion"]:
if key in ["DefaultVersionId", "Path", "Document", "UpdateDate"]:
policies[policy_name][key] = response["PolicyVersion"][key]
with open(output_file, "w") as f:
triple_quote = '"""'
f.write("# Imported via `make aws_managed_policies`\n")
f.write("aws_managed_policies_data = {}\n".format(triple_quote))
f.write(
json.dumps(
policies,
sort_keys=True,
indent=1,
separators=(",", ":"),
default=json_serial,
)
)
f.write("{}\n".format(triple_quote))
Reference in New Issue View Git Blame Copy Permalink