cloudsplaining 0.8.1__tar.gz → 0.8.2__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (126) hide show
  1. {cloudsplaining-0.8.1/cloudsplaining.egg-info → cloudsplaining-0.8.2}/PKG-INFO +43 -1
  2. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/README.md +41 -0
  3. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/bin/version.py +1 -1
  4. cloudsplaining-0.8.2/cloudsplaining/output/dist/js/index.js +63 -0
  5. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/report.py +6 -0
  6. cloudsplaining-0.8.2/cloudsplaining/output/src/App.vue +197 -0
  7. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/routes/routes.js +21 -11
  8. cloudsplaining-0.8.2/cloudsplaining/output/src/views/Appendices.vue +21 -0
  9. cloudsplaining-0.8.2/cloudsplaining/output/src/views/Guidance.vue +21 -0
  10. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/template.html +8 -0
  11. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/scan/role_details.py +1 -3
  12. cloudsplaining-0.8.2/cloudsplaining/shared/template_config.py +41 -0
  13. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2/cloudsplaining.egg-info}/PKG-INFO +43 -1
  14. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining.egg-info/SOURCES.txt +1 -0
  15. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/pyproject.toml +5 -0
  16. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/setup.py +1 -0
  17. cloudsplaining-0.8.1/cloudsplaining/output/dist/js/index.js +0 -63
  18. cloudsplaining-0.8.1/cloudsplaining/output/src/App.vue +0 -174
  19. cloudsplaining-0.8.1/cloudsplaining/output/src/views/Appendices.vue +0 -12
  20. cloudsplaining-0.8.1/cloudsplaining/output/src/views/Guidance.vue +0 -12
  21. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/LICENSE +0 -0
  22. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/MANIFEST.in +0 -0
  23. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/__init__.py +0 -0
  24. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/bin/__init__.py +0 -0
  25. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/bin/cli.py +0 -0
  26. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/command/__init__.py +0 -0
  27. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/command/create_exclusions_file.py +0 -0
  28. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/command/create_multi_account_config_file.py +0 -0
  29. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/command/download.py +0 -0
  30. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/command/expand_policy.py +0 -0
  31. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/command/scan.py +0 -0
  32. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/command/scan_multi_account.py +0 -0
  33. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/command/scan_policy_file.py +0 -0
  34. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/__init__.py +0 -0
  35. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/dist/index.html +0 -0
  36. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/dist/js/chunk-vendors.js +0 -0
  37. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/policy_finding.py +0 -0
  38. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/public/index.html +0 -0
  39. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/1-overview.md +0 -0
  40. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/2-triage-guidance.md +0 -0
  41. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/3-remediation-guidance.md +0 -0
  42. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/4-validation.md +0 -0
  43. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/definition-assumable-by-compute-service.md +0 -0
  44. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/definition-credentials-exposure.md +0 -0
  45. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/definition-data-exfiltration.md +0 -0
  46. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/definition-infrastructure-modification.md +0 -0
  47. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/definition-privilege-escalation.md +0 -0
  48. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/definition-resource-exposure.md +0 -0
  49. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/definition-service-wildcard.md +0 -0
  50. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/glossary.md +0 -0
  51. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/how-do-i-validate-results.md +0 -0
  52. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/identifying-false-positives.md +0 -0
  53. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/logo.png +0 -0
  54. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/summary.md +0 -0
  55. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/assets/what-should-i-do.md +0 -0
  56. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/Appendix.vue +0 -0
  57. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/Button.vue +0 -0
  58. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/Glossary.vue +0 -0
  59. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/Guidance.vue +0 -0
  60. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/InlinePolicies.vue +0 -0
  61. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/LinkToFinding.vue +0 -0
  62. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/ManagedPolicies.vue +0 -0
  63. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/PolicyTable.vue +0 -0
  64. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/Principals.vue +0 -0
  65. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/ReportMetadata.vue +0 -0
  66. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/Summary.vue +0 -0
  67. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/TaskTable.vue +0 -0
  68. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/charts/SummaryFindings.vue +0 -0
  69. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/finding/AssumeRoleDetails.vue +0 -0
  70. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/finding/FindingCard.vue +0 -0
  71. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/finding/FindingDetails.vue +0 -0
  72. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/finding/PolicyDocumentDetails.vue +0 -0
  73. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/finding/PrivilegeEscalationDetails.vue +0 -0
  74. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/finding/PrivilegeEscalationFormat.vue +0 -0
  75. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/finding/RiskAlertIndicators.vue +0 -0
  76. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/finding/StandardRiskDetails.vue +0 -0
  77. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/principals/PrincipalMetadata.vue +0 -0
  78. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/components/principals/RisksPerPrincipal.vue +0 -0
  79. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/main.js +0 -0
  80. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/sampleData.js +0 -0
  81. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/test/groups-test.js +0 -0
  82. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/test/inline-policies-test.js +0 -0
  83. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/test/managed-policies-test.js +0 -0
  84. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/test/other-test.js +0 -0
  85. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/test/principals-test.js +0 -0
  86. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/test/roles-test.js +0 -0
  87. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/test/task-table-test.js +0 -0
  88. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/util/glossary.js +0 -0
  89. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/util/groups.js +0 -0
  90. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/util/inline-policies.js +0 -0
  91. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/util/managed-policies.js +0 -0
  92. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/util/other.js +0 -0
  93. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/util/principals.js +0 -0
  94. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/util/roles.js +0 -0
  95. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/util/task-table.js +0 -0
  96. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/views/AwsPolicies.vue +0 -0
  97. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/views/CustomerPolicies.vue +0 -0
  98. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/views/IamPrincipals.vue +0 -0
  99. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/views/InlinePolicies.vue +0 -0
  100. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/output/src/views/Summary.vue +0 -0
  101. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/py.typed +0 -0
  102. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/scan/__init__.py +0 -0
  103. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/scan/assume_role_policy_document.py +0 -0
  104. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/scan/authorization_details.py +0 -0
  105. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/scan/group_details.py +0 -0
  106. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/scan/inline_policy.py +0 -0
  107. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/scan/managed_policy_detail.py +0 -0
  108. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/scan/policy_document.py +0 -0
  109. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/scan/resource_policy_document.py +0 -0
  110. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/scan/statement_detail.py +0 -0
  111. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/scan/user_details.py +0 -0
  112. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/shared/__init__.py +0 -0
  113. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/shared/aws_login.py +0 -0
  114. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/shared/constants.py +0 -0
  115. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/shared/default-exclusions.yml +0 -0
  116. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/shared/exceptions.py +0 -0
  117. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/shared/exclusions.py +0 -0
  118. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/shared/multi-account-config.yml +0 -0
  119. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/shared/utils.py +0 -0
  120. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/shared/validation.py +0 -0
  121. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining.egg-info/dependency_links.txt +0 -0
  122. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining.egg-info/entry_points.txt +0 -0
  123. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining.egg-info/requires.txt +0 -0
  124. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining.egg-info/top_level.txt +0 -0
  125. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining.egg-info/zip-safe +0 -0
  126. {cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/setup.cfg +0 -0
{cloudsplaining-0.8.1/cloudsplaining.egg-info → cloudsplaining-0.8.2}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: cloudsplaining
3
- Version: 0.8.1
3
+ Version: 0.8.2
4
4
  Summary: AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report.
5
5
  Home-page: https://github.com/salesforce/cloudsplaining
6
6
  Author: Kinnaird McQuade
@@ -19,6 +19,7 @@ Classifier: Programming Language :: Python :: 3.10
19
19
  Classifier: Programming Language :: Python :: 3.11
20
20
  Classifier: Programming Language :: Python :: 3.12
21
21
  Classifier: Programming Language :: Python :: 3.13
22
+ Classifier: Programming Language :: Python :: 3.14
22
23
  Classifier: License :: OSI Approved :: MIT License
23
24
  Classifier: Operating System :: OS Independent
24
25
  Requires-Python: >=3.9
@@ -359,6 +360,47 @@ cloudsplaining scan-multi-account \
359
360
 
360
361
  > Note that if you run the above without the `--profile` flag, it will execute in the standard [AWS Credentials order of precedence](https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-default) (i.e., Environment variables, credentials profiles, ECS container credentials, then finally EC2 Instance Profile credentials).
361
362
 
363
+ ## Custom Guidance and Appendices
364
+
365
+ Cloudsplaining supports customizing the Guidance and Appendices sections of the HTML report to include organization-specific security recommendations and documentation.
366
+
367
+ ### How It Works
368
+
369
+ Place HTML files in your project root directory:
370
+
371
+ - `custom-guidance.html` - Custom security guidance content
372
+ - `custom-appendices.html` - Custom appendices content
373
+
374
+ ### Behavior
375
+
376
+ - **Files don't exist**: Shows default AWS security advice
377
+ - **Files exist with content**: Shows your custom HTML content
378
+ - **Files exist but are empty**: Hides the tabs entirely
379
+ - **Mixed configuration**: Each tab works independently
380
+
381
+ ### Example Usage
382
+
383
+ ```bash
384
+ # Create custom guidance
385
+ echo '<h1>Company Security Guidelines</h1>
386
+ <p>Follow these organization-specific steps:</p>
387
+ <ul>
388
+ <li>Review with security team</li>
389
+ <li>Document in JIRA ticket</li>
390
+ <li>Get approval before remediation</li>
391
+ </ul>' > custom-guidance.html
392
+
393
+ # Create custom appendices
394
+ echo '<h1>Internal Resources</h1>
395
+ <p>Additional company resources:</p>
396
+ <ul>
397
+ <li><a href="https://internal.company.com/security">Security Portal</a></li>
398
+ <li><a href="https://wiki.company.com/iam">IAM Best Practices</a></li>
399
+ </ul>' > custom-appendices.html
400
+ ```
401
+
402
+ # Generate report with custom content
403
+ cloudsplaining scan --input-file account-data.json --output reports/
362
404
 
363
405
  ## Cheatsheet
364
406
 
{cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/README.md RENAMED
@@ -332,6 +332,47 @@ cloudsplaining scan-multi-account \
332
332
 
333
333
  > Note that if you run the above without the `--profile` flag, it will execute in the standard [AWS Credentials order of precedence](https://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html#credentials-default) (i.e., Environment variables, credentials profiles, ECS container credentials, then finally EC2 Instance Profile credentials).
334
334
 
335
+ ## Custom Guidance and Appendices
336
+
337
+ Cloudsplaining supports customizing the Guidance and Appendices sections of the HTML report to include organization-specific security recommendations and documentation.
338
+
339
+ ### How It Works
340
+
341
+ Place HTML files in your project root directory:
342
+
343
+ - `custom-guidance.html` - Custom security guidance content
344
+ - `custom-appendices.html` - Custom appendices content
345
+
346
+ ### Behavior
347
+
348
+ - **Files don't exist**: Shows default AWS security advice
349
+ - **Files exist with content**: Shows your custom HTML content
350
+ - **Files exist but are empty**: Hides the tabs entirely
351
+ - **Mixed configuration**: Each tab works independently
352
+
353
+ ### Example Usage
354
+
355
+ ```bash
356
+ # Create custom guidance
357
+ echo '<h1>Company Security Guidelines</h1>
358
+ <p>Follow these organization-specific steps:</p>
359
+ <ul>
360
+ <li>Review with security team</li>
361
+ <li>Document in JIRA ticket</li>
362
+ <li>Get approval before remediation</li>
363
+ </ul>' > custom-guidance.html
364
+
365
+ # Create custom appendices
366
+ echo '<h1>Internal Resources</h1>
367
+ <p>Additional company resources:</p>
368
+ <ul>
369
+ <li><a href="https://internal.company.com/security">Security Portal</a></li>
370
+ <li><a href="https://wiki.company.com/iam">IAM Best Practices</a></li>
371
+ </ul>' > custom-appendices.html
372
+ ```
373
+
374
+ # Generate report with custom content
375
+ cloudsplaining scan --input-file account-data.json --output reports/
335
376
 
336
377
  ## Cheatsheet
337
378
 
{cloudsplaining-0.8.1 → cloudsplaining-0.8.2}/cloudsplaining/bin/version.py RENAMED
@@ -1,2 +1,2 @@
1
1
  # pylint: disable=missing-module-docstring
2
- __version__ = "0.8.1"
2
+ __version__ = "0.8.2"