iam-policy-validator 1.1.1__tar.gz → 1.1.2__tar.gz


Potentially problematic release.



Files changed (147)
  1. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/PKG-INFO +1 -1
  2. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/__version__.py +1 -1
  3. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/utils/sensitive_action_matcher.py +17 -17
  4. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/pyproject.toml +1 -1
  5. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/uv.lock +1 -1
  6. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/.github/dependabot.yml +0 -0
  7. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/.github/workflows/ci.yml +0 -0
  8. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/.github/workflows/release.yml +0 -0
  9. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/.gitignore +0 -0
  10. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/.python-version +0 -0
  11. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/CONTRIBUTING.md +0 -0
  12. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/DOCS.md +0 -0
  13. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/LICENSE +0 -0
  14. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/Makefile +0 -0
  15. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/README.md +0 -0
  16. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/action.yaml +0 -0
  17. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/default-config.yaml +0 -0
  18. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/docs/README.md +0 -0
  19. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/docs/configuration.md +0 -0
  20. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/docs/custom-checks.md +0 -0
  21. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/docs/development/PUBLISHING.md +0 -0
  22. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/README.md +0 -0
  23. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/access-analyzer/example1.json +0 -0
  24. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/access-analyzer/example2.json +0 -0
  25. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/configs/action-condition-enforcement-advanced.yaml +0 -0
  26. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/configs/config-privilege-escalation.yaml +0 -0
  27. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/configs/custom-business-rules.yaml +0 -0
  28. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/configs/custom-wildcard-config.yaml +0 -0
  29. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/configs/none_of_example.yaml +0 -0
  30. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/configs/unified-condition-enforcement.yaml +0 -0
  31. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/custom_checks/README.md +0 -0
  32. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/custom_checks/advanced_multi_condition_validator.py +0 -0
  33. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/custom_checks/cross_account_external_id_check.py +0 -0
  34. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/custom_checks/domain_restriction_check.py +0 -0
  35. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/custom_checks/encryption_required_check.py +0 -0
  36. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/custom_checks/mfa_required_check.py +0 -0
  37. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/custom_checks/region_restriction_check.py +0 -0
  38. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/custom_checks/tag_enforcement_check.py +0 -0
  39. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/custom_checks/time_based_access_check.py +0 -0
  40. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/github-actions/README.md +0 -0
  41. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/github-actions/access-analyzer-only.yaml +0 -0
  42. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/github-actions/action-examples.md +0 -0
  43. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/github-actions/basic-validation.yaml +0 -0
  44. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/github-actions/custom-policy-checks.yml +0 -0
  45. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/github-actions/multi-region-validation.yaml +0 -0
  46. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/github-actions/resource-policy-validation.yaml +0 -0
  47. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/github-actions/sequential-validation.yaml +0 -0
  48. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/github-actions/two-step-validation.yaml +0 -0
  49. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/README-privilege-escalation.md +0 -0
  50. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/allowed-wildcard-resource.json +0 -0
  51. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/api_gateway_management.json +0 -0
  52. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/athena_query_access.json +0 -0
  53. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/backup_vault_access.json +0 -0
  54. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/cloudformation_deployer.json +0 -0
  55. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/cloudwatch_monitoring.json +0 -0
  56. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/cognito_user_pool.json +0 -0
  57. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/dynamodb_table_access.json +0 -0
  58. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/ecs_task_execution.json +0 -0
  59. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/eventbridge_rules.json +0 -0
  60. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/glue_etl_jobs.json +0 -0
  61. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/insecure_policy.json +0 -0
  62. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/invalid-resource-constraint.json +0 -0
  63. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/invalid_policy.json +0 -0
  64. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/kms_encryption_keys.json +0 -0
  65. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/lambda_developer.json +0 -0
  66. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/maximum_size_policy.json +0 -0
  67. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/policy_missing_required_tags.json +0 -0
  68. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/policy_tag_enforcement_example.json +0 -0
  69. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/policy_with_wildcard_resources.json +0 -0
  70. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/privilege_escalation_scattered.json +0 -0
  71. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/rds_database_admin.json +0 -0
  72. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/sample_policy.json +0 -0
  73. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/secrets_manager_access.json +0 -0
  74. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/sensitive-action-wildcards.json +0 -0
  75. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/sns_sqs_messaging.json +0 -0
  76. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/step_functions_workflow.json +0 -0
  77. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/test_none_of_valid.json +0 -0
  78. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/test_none_of_violations.json +0 -0
  79. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/wildcard_examples.json +0 -0
  80. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/examples/policies/test-cases/wrong-condition-key.json +0 -0
  81. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/__init__.py +0 -0
  82. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/__main__.py +0 -0
  83. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/__init__.py +0 -0
  84. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/action_condition_enforcement.py +0 -0
  85. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/action_resource_constraint.py +0 -0
  86. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/action_validation.py +0 -0
  87. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/condition_key_validation.py +0 -0
  88. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/policy_size.py +0 -0
  89. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/resource_validation.py +0 -0
  90. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/security_best_practices.py +0 -0
  91. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/sid_uniqueness.py +0 -0
  92. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/utils/__init__.py +0 -0
  93. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/utils/policy_level_checks.py +0 -0
  94. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/checks/utils/wildcard_expansion.py +0 -0
  95. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/commands/__init__.py +0 -0
  96. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/commands/analyze.py +0 -0
  97. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/commands/base.py +0 -0
  98. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/commands/cache.py +0 -0
  99. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/commands/post_to_pr.py +0 -0
  100. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/commands/validate.py +0 -0
  101. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/__init__.py +0 -0
  102. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/access_analyzer.py +0 -0
  103. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/access_analyzer_report.py +0 -0
  104. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/aws_fetcher.py +0 -0
  105. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/aws_global_conditions.py +0 -0
  106. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/check_registry.py +0 -0
  107. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/cli.py +0 -0
  108. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/config_loader.py +0 -0
  109. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/defaults.py +0 -0
  110. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/formatters/__init__.py +0 -0
  111. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/formatters/base.py +0 -0
  112. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/formatters/console.py +0 -0
  113. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/formatters/csv.py +0 -0
  114. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/formatters/enhanced.py +0 -0
  115. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/formatters/html.py +0 -0
  116. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/formatters/json.py +0 -0
  117. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/formatters/markdown.py +0 -0
  118. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/formatters/sarif.py +0 -0
  119. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/models.py +0 -0
  120. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/policy_checks.py +0 -0
  121. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/policy_loader.py +0 -0
  122. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/pr_commenter.py +0 -0
  123. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/core/report.py +0 -0
  124. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/integrations/__init__.py +0 -0
  125. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/integrations/github_integration.py +0 -0
  126. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/iam_validator/integrations/ms_teams.py +0 -0
  127. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/scripts/sync_defaults_from_yaml.py +0 -0
  128. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/README.md +0 -0
  129. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/__init__.py +0 -0
  130. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_action_condition_enforcement.py +0 -0
  131. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_action_resource_constraint.py +0 -0
  132. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_action_validation_check.py +0 -0
  133. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_aws_fetcher_wildcards.py +0 -0
  134. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_aws_global_conditions.py +0 -0
  135. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_check_registry.py +0 -0
  136. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_comment_truncation.py +0 -0
  137. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_condition_key_validation_check.py +0 -0
  138. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_config_loader.py +0 -0
  139. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_custom_policy_checks.py +0 -0
  140. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_models.py +0 -0
  141. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_multipart_comments.py +0 -0
  142. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_policy_loader.py +0 -0
  143. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_policy_size_check.py +0 -0
  144. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_resource_validation_check.py +0 -0
  145. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_security_best_practices.py +0 -0
  146. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_sensitive_action_wildcard_expansion.py +0 -0
  147. {iam_policy_validator-1.1.1 → iam_policy_validator-1.1.2}/tests/test_sid_uniqueness_check.py +0 -0
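--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: iam-policy-validator
-Version: 1.1.1
+Version: 1.1.2
 Summary: Validate AWS IAM policies for correctness and security using AWS Service Reference API
 Project-URL: Homepage, https://github.com/boogy/iam-policy-validator
 Project-URL: Documentation, https://github.com/boogy/iam-policy-validator/tree/main/docs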
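--- a/iam_validator/__version__.py
+++ b/iam_validator/__version__.py
@@ -3,5 +3,5 @@
 This file is the single source of truth for the package version.
 """
 
-__version__ = "1.1.1"
+__version__ = "1.1.2"
 __version_info__ = tuple(int(part) for part in __version__.split("."))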
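--- a/iam_validator/checks/utils/sensitive_action_matcher.py
+++ b/iam_validator/checks/utils/sensitive_action_matcher.py
@@ -14,23 +14,23 @@ from iam_validator.core.check_registry import CheckConfig
 # Using frozenset for O(1) lookups and immutability
 DEFAULT_SENSITIVE_ACTIONS = frozenset(
 {
-"ec2:DeleteVolume"
-"ec2:TerminateInstances"
-"eks:DeleteCluster"
-"iam:AttachRolePolicy"
-"iam:AttachUserPolicy"
-"iam:CreateAccessKey"
-"iam:CreateRole"
-"iam:CreateUser"
-"iam:DeleteRole"
-"iam:DeleteUser"
-"iam:PutRolePolicy"
-"iam:PutUserPolicy"
-"lambda:DeleteFunction"
-"rds:DeleteDBInstance"
-"s3:DeleteBucket"
-"s3:DeleteBucketPolicy"
-"s3:PutBucketPolicy"
+"ec2:DeleteVolume",
+"ec2:TerminateInstances",
+"eks:DeleteCluster",
+"iam:AttachRolePolicy",
+"iam:AttachUserPolicy",
+"iam:CreateAccessKey",
+"iam:CreateRole",
+"iam:CreateUser",
+"iam:DeleteRole",
+"iam:DeleteUser",
+"iam:PutRolePolicy",
+"iam:PutUserPolicy",
+"lambda:DeleteFunction",
+"rds:DeleteDBInstance",
+"s3:DeleteBucket",
+"s3:DeleteBucketPolicy",
+"s3:PutBucketPolicy",
 }
 )
 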
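Review bot: Nothing in this release pins the corrected contents of `DEFAULT_SENSITIVE_ACTIONS`; the file list shows every file under tests/ at +0 -0, so the missing-comma defect fixed here could return without any test failing. Without the commas, Python's implicit string-literal concatenation made the frozenset hold a single long string, so a lookup such as `"iam:CreateAccessKey" in DEFAULT_SENSITIVE_ACTIONS` was false in 1.1.1, and a check relying on these defaults presumably under-reported sensitive actions. I would add a regression test along the lines of `assert len(DEFAULT_SENSITIVE_ACTIONS) == 17` and `assert all(a.count(":") == 1 for a in DEFAULT_SENSITIVE_ACTIONS)`. The rest of the module is outside the hunk, so how the set is consumed cannot be confirmed from here.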
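--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "iam-policy-validator"
-version = "1.1.1"
+version = "1.1.2"
 description = "Validate AWS IAM policies for correctness and security using AWS Service Reference API"
 readme = "README.md"
 requires-python = ">=3.10"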
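--- a/uv.lock
+++ b/uv.lock
@@ -284,7 +284,7 @@ wheels = [
 
 [[package]]
 name = "iam-policy-validator"
-version = "1.1.1"
+version = "1.1.2"
 source = { editable = "." }
 dependencies = [
 { name = "boto3" },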