iam-policy-validator 1.14.5__py3-none-any.whl → 1.14.7__py3-none-any.whl

{iam_policy_validator-1.14.5.dist-info → iam_policy_validator-1.14.7.dist-info}/METADATA

@@ -1,12 +1,12 @@
 Metadata-Version: 2.4
 Name: iam-policy-validator
-Version: 1.14.5
+Version: 1.14.7
 Summary: Validate AWS IAM policies for correctness and security using AWS Service Reference API
 Project-URL: Homepage, https://github.com/boogy/iam-policy-validator
-Project-URL: Documentation, https://github.com/boogy/iam-policy-validator/tree/main/docs
+Project-URL: Documentation, https://boogy.github.io/iam-policy-validator
 Project-URL: Repository, https://github.com/boogy/iam-policy-validator
 Project-URL: Issues, https://github.com/boogy/iam-policy-validator/issues
-Project-URL: Changelog, https://github.com/boogy/iam-policy-validator/blob/main/docs/CHANGELOG.md
+Project-URL: Changelog, https://github.com/boogy/iam-policy-validator/blob/main/CHANGELOG.md
 Author-email: boogy <0xboogy@gmail.com>
 License: MIT
 License-File: LICENSE
@@ -38,11 +38,17 @@ Requires-Dist: pytest>=7.0.0; extra == 'dev'
 Requires-Dist: ruff>=0.1.0; extra == 'dev'
 Requires-Dist: types-boto3; extra == 'dev'
 Requires-Dist: types-pyyaml; extra == 'dev'
+Provides-Extra: docs
+Requires-Dist: mkdocs-gen-files>=0.5.0; extra == 'docs'
+Requires-Dist: mkdocs-literate-nav>=0.6.0; extra == 'docs'
+Requires-Dist: mkdocs-material>=9.5.0; extra == 'docs'
+Requires-Dist: mkdocs>=1.6.0; extra == 'docs'
+Requires-Dist: mkdocstrings[python]>=0.24.0; extra == 'docs'
 Description-Content-Type: text/markdown
 
 # IAM Policy Validator
 
-**Catch IAM policy errors before they reach AWS** — Validate syntax, security misconfigurations, and dangerous permission combinations in CI/CD pipelines.
+**Stop IAM misconfigurations before they become breaches** — Catch overprivileged permissions, dangerous wildcards, and policy errors before deployment.
 
 [![GitHub Actions](https://img.shields.io/badge/GitHub%20Actions-Ready-blue)](https://github.com/marketplace/actions/iam-policy-validator)
 [![Python 3.10+](https://img.shields.io/badge/python-3.10+-blue.svg)](https://www.python.org/downloads/)
@@ -120,7 +126,7 @@ iam-validator validate --path examples/quick-start/ --format enhanced
 ```
 ╭──────────────────────────────────────────────────────────────────────────────────────────────────╮
 │                                                                                                  │
-│                              IAM Policy Validation Report (v1.10.3)                              │
+│                              IAM Policy Validation Report (v1.14.1)                              │
 │                                                                                                  │
 ╰──────────────────────────────────────────────────────────────────────────────────────────────────╯
 ───────────────────────────────────────── Detailed Results ─────────────────────────────────────────
@@ -294,7 +300,7 @@ sensitive_action:
       message: "CloudFormation + PassRole enables infrastructure privilege escalation"
 ```
 
-See [docs/privilege-escalation.md](docs/privilege-escalation.md) for all built-in patterns and custom configuration.
+See [Security Checks Documentation](docs/user-guide/checks/security-checks.md) for all built-in patterns and custom configuration.
 
 **Comparison:**
 
@@ -635,7 +641,7 @@ sensitive_action:
 
 For more details, see:
 
-- [docs/condition-requirements.md](docs/condition-requirements.md) - How to configure condition requirements
+- [Configuration Guide](docs/user-guide/configuration.md) - How to configure condition requirements
 - [examples/configs/full-reference-config.yaml](examples/configs/full-reference-config.yaml) - Complete configuration reference
 
 ---
@@ -710,12 +716,12 @@ iam-validator analyze --path new-policy.json \
 
 **Guides:**
 
-- [Check Reference](docs/check-reference.md) - All 19 checks with examples
-- [Configuration Guide](docs/configuration.md) - Customize checks and behavior
-- [GitHub Actions Guide](docs/github-actions-workflows.md) - CI/CD integration
-- [Python Library Guide](docs/python-library-usage.md) - Use as Python package
-- [Trust Policy Guide](examples/trust-policies/README.md) - Trust policy validation
-- [Query Command](docs/query-command.md) - Query AWS service definitions
+- [Check Reference](docs/user-guide/checks/) - All checks with examples
+- [Configuration Guide](docs/user-guide/configuration.md) - Customize checks and behavior
+- [GitHub Actions Guide](docs/integrations/github-actions.md) - CI/CD integration
+- [Python Library Guide](docs/developer-guide/sdk/) - Use as Python package
+- [Trust Policy Examples](examples/trust-policies/) - Trust policy validation examples
+- [Changelog](CHANGELOG.md) - Version history and migration guides
 
 **Examples:**
 

{iam_policy_validator-1.14.5.dist-info → iam_policy_validator-1.14.7.dist-info}/RECORD

@@ -1,6 +1,6 @@
 iam_validator/__init__.py,sha256=xHdUASOxFHwEXfT_GSr_KrkLlnxZ-pAAr1wW1PwAGko,693
 iam_validator/__main__.py,sha256=to_nz3n_IerJpVVZZ6WSFlFR5s_06J0csfPOTfQZG8g,197
-iam_validator/__version__.py,sha256=8ouM89pP7JLVFY6dwrTsOuZeWcu_xuQ3YwT7-1g9xn8,374
+iam_validator/__version__.py,sha256=gzNFhw4Ir0RuOpe7hw6D6K-mQnE1zvBtL7jSlcAUnrE,374
 iam_validator/checks/__init__.py,sha256=OTkPnmlelu4YjMO8krjhu2wXiTV72RzopA5u1SfPQA0,1990
 iam_validator/checks/action_condition_enforcement.py,sha256=2-XUMbof9tQ7SHZNmAHMkR1DgbOIzY2eFWlp9S9dwLk,60625
 iam_validator/checks/action_resource_matching.py,sha256=qND0hfDgNoxFEdLWwrxOPVDfdj3k50nzedT2qF7nK7o,19428
@@ -54,7 +54,7 @@ iam_validator/core/models.py,sha256=lXUadIsTpp_j0Vt89Ez7aJkTKs2GD2ty3Ukl2NeY9Zo,
 iam_validator/core/policy_checks.py,sha256=FNVuS2GTffwCjjrlupVIazC172gSxKYAAT_ObV6Apbo,8803
 iam_validator/core/policy_loader.py,sha256=iid3mGfDzSXASzKDqbLnrqJHBdVQvvebofVqNImsGKM,29201
 iam_validator/core/pr_commenter.py,sha256=IZu2FQqzw73U_8ugTUq197ECLqk9mRCQpTWXPu5qk0k,35490
-iam_validator/core/report.py,sha256=IEHjNe6v_9nvcGA8_FNbXdG0AoV-yHVjiP1KQKnpEys,41376
+iam_validator/core/report.py,sha256=IDjBjSrzrE_JdkA8eTiSxyUL3g36sJMhTkxehEYzuBQ,45476
 iam_validator/core/aws_service/__init__.py,sha256=UqMh4HUdGlx2QF5OoueJJ2UlCnhX4QW_x3KeE_bxRQc,735
 iam_validator/core/aws_service/cache.py,sha256=DPuOOPPJC867KAYgV1e0RyQs_k3mtefMdYli3jPaN64,3589
 iam_validator/core/aws_service/client.py,sha256=Zv7rIpEFdUCDXKGp3migPDkj8L5eZltgrGe64M2t2Ko,7336
@@ -85,11 +85,11 @@ iam_validator/core/formatters/json.py,sha256=A7gZ8P32GEdbDvrSn6v56yQ4fOP_kyMaoFV
 iam_validator/core/formatters/markdown.py,sha256=dk4STeY-tOEZsVrlmolIEqZvWYP9JhRtygxxNA49DEE,2293
 iam_validator/core/formatters/sarif.py,sha256=03MHSyuZm9FlzaPeWg7wH-UTzzCDhSy6vMPrFpFNkS8,18884
 iam_validator/integrations/__init__.py,sha256=7Hlor_X9j0NZaEjFuSvoXAAuSKQ-zgY19Rk-Dz3JpKo,616
-iam_validator/integrations/github_integration.py,sha256=IKhJW_v_lGZiuyPN_xWULzv2YBbaXHn8zBfaOdUm28g,69054
+iam_validator/integrations/github_integration.py,sha256=0aeQ_RPTZf5ij7dsBjmtIDz4oHl0BXLno9GperFzTbc,69004
 iam_validator/integrations/ms_teams.py,sha256=t2PlWuTDb6GGH-eDU1jnOKd8D1w4FCB68bahGA7MJcE,14475
-iam_validator/sdk/__init__.py,sha256=AZLnfdn3A9AWb0pMhsbu3GAOAzt6rV7Fi3E3d9_3ZdI,6388
+iam_validator/sdk/__init__.py,sha256=1voMXldzhLJ0mZ4AxwYPXwJd_kKFjQ-zp_tN8eWvkP4,6209
 iam_validator/sdk/arn_matching.py,sha256=HSDpLltOYISq-SoPebAlM89mKOaUaghq_04urchEFDA,12778
-iam_validator/sdk/context.py,sha256=FvAEyUa_s7tHWoSdgjSkzHf1CLlYpAEmLZANxs2IJ4A,6826
+iam_validator/sdk/context.py,sha256=b2XXlvsnqxl42d1wsdoynTqsZOy8nRjV73RgxIdKdPQ,6940
 iam_validator/sdk/exceptions.py,sha256=tm91TxIwU157U_UHN7w5qICf_OhU11agj6pV5W_YP-4,1023
 iam_validator/sdk/helpers.py,sha256=sjfK0na_Fo7O8GhEVhl44rVHqOdw6nAKkBL4FVL-QdU,5697
 iam_validator/sdk/policy_utils.py,sha256=bGdJ1X1aC72dVXXpAnAwyBpAiiX-qXvblpetY5BsjKU,13658
@@ -99,8 +99,8 @@ iam_validator/utils/__init__.py,sha256=NveA2F3G1E6-ANZzFr7J6Q6u5mogvMp862iFokmYu
 iam_validator/utils/cache.py,sha256=wOQKOBeoG6QqC5f0oXcHz63Cjtu_-SsSS-0pTSwyAiM,3254
 iam_validator/utils/regex.py,sha256=xHoMECttb7qaMhts-c9b0GIxdhHNZTt-UBr7wNhWfzg,6219
 iam_validator/utils/terminal.py,sha256=FsRaRMH_JAyDgXWBCOgOEhbS89cs17HCmKYoughq5io,724
-iam_policy_validator-1.14.5.dist-info/METADATA,sha256=h6M6__GqJW5fWPtV0cEDqZ4sK259K5ulz68Jgt6COQE,34456
-iam_policy_validator-1.14.5.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
-iam_policy_validator-1.14.5.dist-info/entry_points.txt,sha256=8HtWd8O7mvPiPdZR5YbzY8or_qcqLM4-pKaFdhtFT8M,62
-iam_policy_validator-1.14.5.dist-info/licenses/LICENSE,sha256=AMnbFTBDcK4_MITe2wiQBkj0vg-jjBBhsc43ydC7tt4,1098
-iam_policy_validator-1.14.5.dist-info/RECORD,,
+iam_policy_validator-1.14.7.dist-info/METADATA,sha256=l4PstdoYzO1kqFBTI2M7UDbvoQMAcVC9sHamKl43x9Y,34741
+iam_policy_validator-1.14.7.dist-info/WHEEL,sha256=WLgqFyCfm_KASv4WHyYy0P3pM_m7J5L9k2skdKLirC8,87
+iam_policy_validator-1.14.7.dist-info/entry_points.txt,sha256=8HtWd8O7mvPiPdZR5YbzY8or_qcqLM4-pKaFdhtFT8M,62
+iam_policy_validator-1.14.7.dist-info/licenses/LICENSE,sha256=AMnbFTBDcK4_MITe2wiQBkj0vg-jjBBhsc43ydC7tt4,1098
+iam_policy_validator-1.14.7.dist-info/RECORD,,

iam_validator/__version__.py

@@ -3,7 +3,7 @@
 This file is the single source of truth for the package version.
 """
 
-__version__ = "1.14.5"
+__version__ = "1.14.7"
 # Parse version, handling pre-release suffixes like -rc, -alpha, -beta
 _version_base = __version__.split("-", maxsplit=1)[0]  # Remove pre-release suffix if present
 __version_info__ = tuple(int(part) for part in _version_base.split("."))

iam_validator/core/report.py

@@ -478,13 +478,14 @@ class ReportGenerator:
 
         # Issue breakdown
         if report.total_issues > 0:
-            # Count issues - support both IAM validity and security severities
-            errors = sum(
-                1
-                for r in report.results
-                for i in r.issues
-                if i.severity in constants.HIGH_SEVERITY_LEVELS
+            # Count issues - separate validity errors from security findings
+            validity_errors = sum(
+                1 for r in report.results for i in r.issues if i.severity == "error"
             )
+            critical_findings = sum(
+                1 for r in report.results for i in r.issues if i.severity == "critical"
+            )
+            high_findings = sum(1 for r in report.results for i in r.issues if i.severity == "high")
             warnings = sum(
                 1 for r in report.results for i in r.issues if i.severity in ("warning", "medium")
             )
@@ -496,8 +497,12 @@ class ReportGenerator:
             lines.append("")
             lines.append("| Severity | Count |")
             lines.append("|----------|------:|")
-            if errors > 0:
-                lines.append(f"| 🔴 **Errors** | {errors} |")
+            if validity_errors > 0:
+                lines.append(f"| 🔴 **Errors** | {validity_errors} |")
+            if critical_findings > 0:
+                lines.append(f"| 🟣 **Critical** | {critical_findings} |")
+            if high_findings > 0:
+                lines.append(f"| 🔶 **High** | {high_findings} |")
             if warnings > 0:
                 lines.append(f"| 🟡 **Warnings** | {warnings} |")
             if infos > 0:
@@ -578,15 +583,31 @@ class ReportGenerator:
         )
         lines.append("")
 
-        # Group issues by severity - support both IAM validity and security severities
-        errors = [i for i in result.issues if i.severity in constants.HIGH_SEVERITY_LEVELS]
+        # Group issues by severity - separate validity errors from security findings
+        validity_errors = [i for i in result.issues if i.severity == "error"]
+        critical_findings = [i for i in result.issues if i.severity == "critical"]
+        high_findings = [i for i in result.issues if i.severity == "high"]
         warnings = [i for i in result.issues if i.severity in constants.MEDIUM_SEVERITY_LEVELS]
         infos = [i for i in result.issues if i.severity in constants.LOW_SEVERITY_LEVELS]
 
-        if errors:
+        if validity_errors:
             lines.append("### 🔴 Errors")
             lines.append("")
-            for issue in errors:
+            for issue in validity_errors:
+                lines.append(self._format_issue_markdown(issue, result.policy_file))
+            lines.append("")
+
+        if critical_findings:
+            lines.append("### 🟣 Critical")
+            lines.append("")
+            for issue in critical_findings:
+                lines.append(self._format_issue_markdown(issue, result.policy_file))
+            lines.append("")
+
+        if high_findings:
+            lines.append("### 🔶 High")
+            lines.append("")
+            for issue in high_findings:
                 lines.append(self._format_issue_markdown(issue, result.policy_file))
             lines.append("")
 
@@ -693,13 +714,14 @@ class ReportGenerator:
 
         # Issue breakdown
         if report.total_issues > 0:
-            # Count issues - support both IAM validity and security severities
-            errors = sum(
-                1
-                for r in report.results
-                for i in r.issues
-                if i.severity in constants.HIGH_SEVERITY_LEVELS
+            # Count issues - separate validity errors from security findings
+            validity_errors = sum(
+                1 for r in report.results for i in r.issues if i.severity == "error"
             )
+            critical_findings = sum(
+                1 for r in report.results for i in r.issues if i.severity == "critical"
+            )
+            high_findings = sum(1 for r in report.results for i in r.issues if i.severity == "high")
             warnings = sum(
                 1 for r in report.results for i in r.issues if i.severity in ("warning", "medium")
             )
@@ -711,8 +733,12 @@ class ReportGenerator:
             lines.append("")
             lines.append("| Severity | Count |")
             lines.append("|----------|------:|")
-            if errors > 0:
-                lines.append(f"| 🔴 **Errors** | {errors} |")
+            if validity_errors > 0:
+                lines.append(f"| 🔴 **Errors** | {validity_errors} |")
+            if critical_findings > 0:
+                lines.append(f"| 🟣 **Critical** | {critical_findings} |")
+            if high_findings > 0:
+                lines.append(f"| 🔶 **High** | {high_findings} |")
             if warnings > 0:
                 lines.append(f"| 🟡 **Warnings** | {warnings} |")
             if infos > 0:
@@ -789,15 +815,21 @@ class ReportGenerator:
 
                 policy_lines = []
 
-                # Group issues by severity - support both IAM validity and security severities
-                errors = [i for i in result.issues if i.severity in constants.HIGH_SEVERITY_LEVELS]
+                # Group issues by severity - separate validity errors from security findings
+                validity_errors = [i for i in result.issues if i.severity == "error"]
+                critical_findings = [i for i in result.issues if i.severity == "critical"]
+                high_findings = [i for i in result.issues if i.severity == "high"]
                 warnings = [i for i in result.issues if i.severity in ("warning", "medium")]
                 infos = [i for i in result.issues if i.severity in ("info", "low")]
 
                 # Build severity summary for header
                 severity_parts = []
-                if errors:
-                    severity_parts.append(f"🔴 {len(errors)}")
+                if validity_errors:
+                    severity_parts.append(f"🔴 {len(validity_errors)}")
+                if critical_findings:
+                    severity_parts.append(f"🟣 {len(critical_findings)}")
+                if high_findings:
+                    severity_parts.append(f"🔶 {len(high_findings)}")
                 if warnings:
                     severity_parts.append(f"🟡 {len(warnings)}")
                 if infos:
@@ -812,11 +844,57 @@ class ReportGenerator:
                 )
                 policy_lines.append("")
 
-                # Add errors (prioritized)
-                if errors:
+                # Add validity errors (prioritized)
+                if validity_errors:
                     policy_lines.append("### 🔴 Errors")
                     policy_lines.append("")
-                    for i, issue in enumerate(errors):
+                    for i, issue in enumerate(validity_errors):
+                        issue_content = self._format_issue_markdown(issue, result.policy_file)
+                        test_length = len("\n".join(details_lines + policy_lines)) + len(
+                            issue_content
+                        )
+                        if test_length > available_length:
+                            truncated = True
+                            break
+                        policy_lines.append(issue_content)
+                        issues_shown += 1
+                        # Add separator between issues within same severity
+                        if i < len(validity_errors) - 1:
+                            policy_lines.append("---")
+                            policy_lines.append("")
+                    policy_lines.append("")
+
+                if truncated:
+                    break
+
+                # Add critical security findings
+                if critical_findings:
+                    policy_lines.append("### 🟣 Critical")
+                    policy_lines.append("")
+                    for i, issue in enumerate(critical_findings):
+                        issue_content = self._format_issue_markdown(issue, result.policy_file)
+                        test_length = len("\n".join(details_lines + policy_lines)) + len(
+                            issue_content
+                        )
+                        if test_length > available_length:
+                            truncated = True
+                            break
+                        policy_lines.append(issue_content)
+                        issues_shown += 1
+                        # Add separator between issues within same severity
+                        if i < len(critical_findings) - 1:
+                            policy_lines.append("---")
+                            policy_lines.append("")
+                    policy_lines.append("")
+
+                if truncated:
+                    break
+
+                # Add high security findings
+                if high_findings:
+                    policy_lines.append("### 🔶 High")
+                    policy_lines.append("")
+                    for i, issue in enumerate(high_findings):
                         issue_content = self._format_issue_markdown(issue, result.policy_file)
                         test_length = len("\n".join(details_lines + policy_lines)) + len(
                             issue_content
@@ -827,7 +905,7 @@ class ReportGenerator:
                         policy_lines.append(issue_content)
                         issues_shown += 1
                         # Add separator between issues within same severity
-                        if i < len(errors) - 1:
+                        if i < len(high_findings) - 1:
                             policy_lines.append("---")
                             policy_lines.append("")
                     policy_lines.append("")

iam_validator/integrations/github_integration.py

@@ -1278,7 +1278,7 @@ class GitHubIntegration:
             logger.info(f"Submitting {event.value} review (no inline comments)")
             success = await self.create_review_with_comments(
                 comments=[],
-                body=body or f"<!-- {identifier} -->\nValidation complete.",
+                body=body,
                 event=event,
             )
             if not success:

iam_validator/sdk/__init__.py

@@ -1,66 +1,71 @@
-"""
-IAM Policy Validator SDK - Public API for library usage.
+"""IAM Policy Validator SDK - Public API for library usage.
 
 This module provides the complete public API for using IAM Policy Validator
 as a Python library. It exposes both high-level convenience functions and
 low-level components for custom integrations.
 
-Quick Start:
-    Basic validation:
-    >>> from iam_validator.sdk import validate_file
-    >>> result = await validate_file("policy.json")
-    >>> print(f"Valid: {result.is_valid}")
-
-    With context manager:
-    >>> from iam_validator.sdk import validator
-    >>> async with validator() as v:
-    ...     result = await v.validate_file("policy.json")
-    ...     v.generate_report([result])
-
-    Policy manipulation:
-    >>> from iam_validator.sdk import parse_policy, get_policy_summary
-    >>> policy = parse_policy(policy_json)
-    >>> summary = get_policy_summary(policy)
-    >>> print(f"Actions: {summary['action_count']}")
-
-    Query AWS service definitions:
-    >>> from iam_validator.sdk import AWSServiceFetcher, query_actions, query_arn_formats
-    >>> async with AWSServiceFetcher() as fetcher:
-    ...     # Query all S3 write actions
-    ...     write_actions = await query_actions(fetcher, "s3", access_level="write")
-    ...     # Get ARN formats for S3
-    ...     arns = await query_arn_formats(fetcher, "s3")
-
-    Custom check development:
-    >>> from iam_validator.sdk import PolicyCheck, CheckHelper
-    >>> class MyCheck(PolicyCheck):
-    ...     @property
-    ...     def check_id(self) -> str:
-    ...         return "my_check"
-    ...     async def execute(self, statement, idx, fetcher, config):
-    ...         helper = CheckHelper(fetcher)
-    ...         # Use helper.arn_matches(), helper.create_issue(), etc.
-    ...         return []
-"""
+Example:
+    Basic validation::
 
-# === High-level validation functions (shortcuts) ===
-# === AWS utilities ===
-from iam_validator.core.aws_service import AWSServiceFetcher
+        from iam_validator.sdk import validate_file
 
-# === Core validation components (for advanced usage) ===
-from iam_validator.core.check_registry import CheckRegistry, PolicyCheck
+        result = await validate_file("policy.json")
+        print(f"Valid: {result.is_valid}")
+
+    With context manager::
+
+        from iam_validator.sdk import validator
+
+        async with validator() as v:
+            result = await v.validate_file("policy.json")
+            v.generate_report([result])
+
+    Policy manipulation::
+
+        from iam_validator.sdk import parse_policy, get_policy_summary
+
+        policy = parse_policy(policy_json)
+        summary = get_policy_summary(policy)
+        print(f"Actions: {summary['action_count']}")
+
+    Query AWS service definitions::
+
+        from iam_validator.sdk import AWSServiceFetcher, query_actions
+
+        async with AWSServiceFetcher() as fetcher:
+            # Query all S3 write actions
+            write_actions = await query_actions(fetcher, "s3", access_level="write")
+
+    Custom check development::
+
+        from iam_validator.sdk import PolicyCheck, CheckHelper
 
-# === ValidatorConfiguration ===
-from iam_validator.core.config.config_loader import ValidatorConfig, load_validator_config
+        class MyCheck(PolicyCheck):
+            check_id = "my_check"
+            description = "My custom check"
+            default_severity = "medium"
 
-# === Reporting ===
+            async def execute(self, statement, idx, fetcher, config):
+                helper = CheckHelper(fetcher)
+                # Use helper.arn_matches(), helper.create_issue(), etc.
+                return []
+"""
+
+# ruff: noqa: E402
+# Imports are organized by category with comments, which triggers E402.
+# This is intentional for readability in this public API module.
+
+from iam_validator.core.aws_service import AWSServiceFetcher
+from iam_validator.core.check_registry import CheckRegistry, PolicyCheck
+from iam_validator.core.config.config_loader import (
+    ValidatorConfig,
+    load_validator_config,
+)
 from iam_validator.core.formatters.csv import CSVFormatter
 from iam_validator.core.formatters.html import HTMLFormatter
 from iam_validator.core.formatters.json import JSONFormatter
 from iam_validator.core.formatters.markdown import MarkdownFormatter
 from iam_validator.core.formatters.sarif import SARIFFormatter
-
-# === Models (for type hints and inspection) ===
 from iam_validator.core.models import (
     IAMPolicy,
     PolicyValidationResult,
@@ -70,23 +75,17 @@ from iam_validator.core.models import (
 from iam_validator.core.policy_checks import validate_policies
 from iam_validator.core.policy_loader import PolicyLoader
 from iam_validator.core.report import ReportGenerator
-
-# === ARN matching utilities ===
 from iam_validator.sdk.arn_matching import (
     arn_matches,
     arn_strictly_valid,
     convert_aws_pattern_to_wildcard,
     is_glob_match,
 )
-
-# === Context managers ===
 from iam_validator.sdk.context import (
     ValidationContext,
     validator,
     validator_from_config,
 )
-
-# === Public exceptions ===
 from iam_validator.sdk.exceptions import (
     AWSServiceError,
     ConfigurationError,
@@ -96,11 +95,7 @@ from iam_validator.sdk.exceptions import (
     PolicyValidationError,
     UnsupportedPolicyTypeError,
 )
-
-# === Custom check development ===
 from iam_validator.sdk.helpers import CheckHelper, expand_actions
-
-# === Policy manipulation utilities ===
 from iam_validator.sdk.policy_utils import (
     extract_actions,
     extract_condition_keys,
@@ -116,8 +111,6 @@ from iam_validator.sdk.policy_utils import (
     policy_to_dict,
     policy_to_json,
 )
-
-# === Query utilities (AWS service definition queries) ===
 from iam_validator.sdk.query_utils import (
     get_actions_by_access_level,
     get_actions_supporting_condition,
@@ -139,6 +132,9 @@ from iam_validator.sdk.shortcuts import (
     validate_json,
 )
 
+# Alias for convenience (matches documentation)
+Config = ValidatorConfig
+
 __all__ = [
     # === High-level shortcuts ===
     "validate_file",
@@ -203,6 +199,7 @@ __all__ = [
     "Statement",
     # === ValidatorConfiguration ===
     "ValidatorConfig",
+    "Config",  # Alias for ValidatorConfig
     "load_validator_config",
     # === AWS utilities ===
     "AWSServiceFetcher",
@@ -214,7 +211,9 @@ __all__ = [
     "AWSServiceError",
     "InvalidPolicyFormatError",
     "UnsupportedPolicyTypeError",
+    # Version
+    "__version__",
 ]
 
-# SDK version
-__version__ = "0.1.0"
+# SDK version (same as main package)
+from iam_validator.__version__ import __version__

iam_validator/sdk/context.py

@@ -5,6 +5,7 @@ This module provides context managers that handle resource lifecycle
 and make the validation API more convenient to use.
 """
 
+from collections.abc import AsyncIterator
 from contextlib import asynccontextmanager
 from pathlib import Path
 
@@ -169,7 +170,7 @@ class ValidationContext:
 @asynccontextmanager
 async def validator(
     config_path: str | None = None,
-):
+) -> AsyncIterator[ValidationContext]:
     """
     Context manager that handles AWS fetcher lifecycle.
 
@@ -201,7 +202,7 @@ async def validator(
 
 
 @asynccontextmanager
-async def validator_from_config(config_path: str):
+async def validator_from_config(config_path: str) -> AsyncIterator[ValidationContext]:
     """
     Context manager that loads configuration and creates a validator.