iam-policy-validator 1.14.6__tar.gz → 1.15.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (865) hide show
  1. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.github/workflows/ci.yml +4 -4
  2. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.github/workflows/codeql.yml +3 -3
  3. iam_policy_validator-1.15.0/.github/workflows/docs.yml +82 -0
  4. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.github/workflows/pre-release.yml +1 -1
  5. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.github/workflows/release.yml +1 -1
  6. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.github/workflows/scorecard.yml +2 -2
  7. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.gitignore +19 -3
  8. iam_policy_validator-1.15.0/CHANGELOG.md +323 -0
  9. iam_policy_validator-1.15.0/CONTRIBUTING.md +65 -0
  10. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/Makefile +19 -1
  11. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/PKG-INFO +34 -23
  12. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/README.md +20 -19
  13. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/SECURITY.md +3 -60
  14. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/action.yaml +4 -4
  15. iam_policy_validator-1.15.0/docs/api-reference/checks.md +123 -0
  16. iam_policy_validator-1.15.0/docs/api-reference/exceptions.md +161 -0
  17. iam_policy_validator-1.15.0/docs/api-reference/index.md +49 -0
  18. iam_policy_validator-1.15.0/docs/api-reference/models.md +84 -0
  19. iam_policy_validator-1.15.0/docs/api-reference/sdk.md +534 -0
  20. iam_policy_validator-1.15.0/docs/changelog.md +12 -0
  21. iam_policy_validator-1.15.0/docs/contributing/development-setup.md +171 -0
  22. iam_policy_validator-1.15.0/docs/contributing/index.md +48 -0
  23. iam_policy_validator-1.15.0/docs/contributing/releasing.md +112 -0
  24. iam_policy_validator-1.15.0/docs/contributing/testing.md +189 -0
  25. iam_policy_validator-1.15.0/docs/developer-guide/architecture.md +189 -0
  26. iam_policy_validator-1.15.0/docs/developer-guide/custom-checks/best-practices.md +250 -0
  27. iam_policy_validator-1.15.0/docs/developer-guide/custom-checks/examples.md +202 -0
  28. iam_policy_validator-1.15.0/docs/developer-guide/custom-checks/index.md +71 -0
  29. iam_policy_validator-1.15.0/docs/developer-guide/custom-checks/tutorial.md +222 -0
  30. iam_policy_validator-1.15.0/docs/developer-guide/index.md +54 -0
  31. iam_policy_validator-1.15.0/docs/developer-guide/sdk/advanced.md +187 -0
  32. iam_policy_validator-1.15.0/docs/developer-guide/sdk/index.md +41 -0
  33. iam_policy_validator-1.15.0/docs/developer-guide/sdk/policy-utilities.md +192 -0
  34. iam_policy_validator-1.15.0/docs/developer-guide/sdk/quickstart.md +115 -0
  35. iam_policy_validator-1.15.0/docs/developer-guide/sdk/validation.md +135 -0
  36. iam_policy_validator-1.15.0/docs/getting-started/first-validation.md +276 -0
  37. iam_policy_validator-1.15.0/docs/getting-started/index.md +62 -0
  38. iam_policy_validator-1.15.0/docs/getting-started/installation.md +153 -0
  39. iam_policy_validator-1.15.0/docs/getting-started/quickstart.md +138 -0
  40. iam_policy_validator-1.15.0/docs/includes/abbreviations.md +17 -0
  41. iam_policy_validator-1.15.0/docs/index.md +163 -0
  42. iam_policy_validator-1.15.0/docs/integrations/github-actions.md +135 -0
  43. iam_policy_validator-1.15.0/docs/integrations/gitlab-ci.md +100 -0
  44. iam_policy_validator-1.15.0/docs/integrations/index.md +44 -0
  45. iam_policy_validator-1.15.0/docs/integrations/mcp-server.md +2033 -0
  46. iam_policy_validator-1.15.0/docs/integrations/pre-commit.md +105 -0
  47. iam_policy_validator-1.15.0/docs/stylesheets/extra.css +283 -0
  48. iam_policy_validator-1.15.0/docs/user-guide/checks/advanced-checks.md +199 -0
  49. iam_policy_validator-1.15.0/docs/user-guide/checks/aws-validation.md +242 -0
  50. iam_policy_validator-1.15.0/docs/user-guide/checks/index.md +110 -0
  51. iam_policy_validator-1.15.0/docs/user-guide/checks/security-checks.md +380 -0
  52. iam_policy_validator-1.15.0/docs/user-guide/cli-reference.md +361 -0
  53. iam_policy_validator-1.15.0/docs/user-guide/configuration.md +162 -0
  54. iam_policy_validator-1.15.0/docs/user-guide/index.md +54 -0
  55. iam_policy_validator-1.15.0/docs/user-guide/output-formats.md +95 -0
  56. iam_policy_validator-1.15.0/docs/user-guide/troubleshooting.md +123 -0
  57. iam_policy_validator-1.15.0/examples/README.md +40 -0
  58. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/configs/full-reference-config.yaml +41 -1
  59. iam_policy_validator-1.15.0/examples/custom_checks/cross_account_external_id_check.py +154 -0
  60. iam_policy_validator-1.15.0/examples/custom_checks/domain_restriction_check.py +84 -0
  61. iam_policy_validator-1.15.0/examples/mcp-llm-instructions/README.md +145 -0
  62. iam_policy_validator-1.15.0/examples/mcp-llm-instructions/SYSTEM_PROMPT.md +382 -0
  63. iam_policy_validator-1.15.0/examples/mcp-llm-instructions/example_conversation.md +252 -0
  64. iam_policy_validator-1.15.0/examples/mcp-llm-instructions/organization_config.yaml +165 -0
  65. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/__version__.py +1 -1
  66. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/__init__.py +2 -0
  67. iam_policy_validator-1.15.0/iam_validator/checks/action_validation.py +131 -0
  68. iam_policy_validator-1.15.0/iam_validator/checks/not_action_not_resource.py +163 -0
  69. iam_policy_validator-1.15.0/iam_validator/checks/resource_validation.py +186 -0
  70. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/wildcard_resource.py +136 -6
  71. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/commands/__init__.py +3 -0
  72. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/commands/cache.py +66 -24
  73. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/commands/completion.py +94 -15
  74. iam_policy_validator-1.15.0/iam_validator/commands/mcp.py +210 -0
  75. iam_policy_validator-1.15.0/iam_validator/commands/query.py +909 -0
  76. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/aws_service/__init__.py +5 -1
  77. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/aws_service/cache.py +20 -0
  78. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/aws_service/fetcher.py +180 -11
  79. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/aws_service/storage.py +14 -6
  80. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/aws_service/validators.py +32 -41
  81. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/check_registry.py +100 -35
  82. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/config/aws_global_conditions.py +13 -0
  83. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/config/check_documentation.py +104 -51
  84. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/config/config_loader.py +39 -3
  85. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/config/defaults.py +6 -0
  86. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/constants.py +11 -4
  87. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/models.py +39 -14
  88. iam_policy_validator-1.15.0/iam_validator/mcp/__init__.py +162 -0
  89. iam_policy_validator-1.15.0/iam_validator/mcp/models.py +118 -0
  90. iam_policy_validator-1.15.0/iam_validator/mcp/server.py +2928 -0
  91. iam_policy_validator-1.15.0/iam_validator/mcp/session_config.py +319 -0
  92. iam_policy_validator-1.15.0/iam_validator/mcp/templates/__init__.py +79 -0
  93. iam_policy_validator-1.15.0/iam_validator/mcp/templates/builtin.py +856 -0
  94. iam_policy_validator-1.15.0/iam_validator/mcp/tools/__init__.py +72 -0
  95. iam_policy_validator-1.15.0/iam_validator/mcp/tools/generation.py +888 -0
  96. iam_policy_validator-1.15.0/iam_validator/mcp/tools/org_config_tools.py +263 -0
  97. iam_policy_validator-1.15.0/iam_validator/mcp/tools/query.py +395 -0
  98. iam_policy_validator-1.15.0/iam_validator/mcp/tools/validation.py +376 -0
  99. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/sdk/__init__.py +64 -63
  100. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/sdk/context.py +3 -2
  101. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/sdk/policy_utils.py +31 -5
  102. iam_policy_validator-1.15.0/mkdocs.yml +187 -0
  103. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/pyproject.toml +17 -3
  104. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/checks/test_action_validation_check.py +103 -6
  105. iam_policy_validator-1.15.0/tests/checks/test_condition_key_validation_check.py +237 -0
  106. iam_policy_validator-1.15.0/tests/checks/test_condition_type_mismatch.py +125 -0
  107. iam_policy_validator-1.15.0/tests/checks/test_full_wildcard_check.py +73 -0
  108. iam_policy_validator-1.15.0/tests/checks/test_mfa_condition_check.py +96 -0
  109. iam_policy_validator-1.15.0/tests/checks/test_not_action_not_resource.py +108 -0
  110. iam_policy_validator-1.15.0/tests/checks/test_policy_size_check.py +98 -0
  111. iam_policy_validator-1.15.0/tests/checks/test_principal_validation_check.py +252 -0
  112. iam_policy_validator-1.15.0/tests/checks/test_resource_validation_check.py +151 -0
  113. iam_policy_validator-1.15.0/tests/checks/test_service_wildcard_check.py +84 -0
  114. iam_policy_validator-1.15.0/tests/checks/test_sid_uniqueness_check.py +80 -0
  115. iam_policy_validator-1.15.0/tests/checks/test_wildcard_action_check.py +62 -0
  116. iam_policy_validator-1.15.0/tests/checks/test_wildcard_resource_check.py +292 -0
  117. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/commands/test_query_command.py +159 -0
  118. iam_policy_validator-1.15.0/tests/core/test_action_resource_matching.py +167 -0
  119. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_check_registry.py +173 -0
  120. iam_policy_validator-1.15.0/tests/core/test_models.py +276 -0
  121. iam_policy_validator-1.15.0/tests/mcp/__init__.py +8 -0
  122. iam_policy_validator-1.15.0/tests/mcp/conftest.py +326 -0
  123. iam_policy_validator-1.15.0/tests/mcp/test_custom_instructions.py +218 -0
  124. iam_policy_validator-1.15.0/tests/mcp/test_generation_tools.py +441 -0
  125. iam_policy_validator-1.15.0/tests/mcp/test_org_config.py +385 -0
  126. iam_policy_validator-1.15.0/tests/mcp/test_query_tools.py +221 -0
  127. iam_policy_validator-1.15.0/tests/mcp/test_server_integration.py +128 -0
  128. iam_policy_validator-1.15.0/tests/mcp/test_templates.py +495 -0
  129. iam_policy_validator-1.15.0/tests/mcp/test_validation_tools.py +331 -0
  130. iam_policy_validator-1.15.0/uv.lock +2762 -0
  131. iam_policy_validator-1.14.6/.python-version +0 -1
  132. iam_policy_validator-1.14.6/CONTRIBUTING.md +0 -518
  133. iam_policy_validator-1.14.6/DOCS.md +0 -1410
  134. iam_policy_validator-1.14.6/aws_services/_manifest.json +0 -7
  135. iam_policy_validator-1.14.6/aws_services/_services.json +0 -1722
  136. iam_policy_validator-1.14.6/aws_services/a2c.json +0 -66
  137. iam_policy_validator-1.14.6/aws_services/a4b.json +0 -1945
  138. iam_policy_validator-1.14.6/aws_services/access-analyzer.json +0 -717
  139. iam_policy_validator-1.14.6/aws_services/account.json +0 -409
  140. iam_policy_validator-1.14.6/aws_services/acm-pca.json +0 -511
  141. iam_policy_validator-1.14.6/aws_services/acm.json +0 -401
  142. iam_policy_validator-1.14.6/aws_services/action-recommendations.json +0 -21
  143. iam_policy_validator-1.14.6/aws_services/activate.json +0 -126
  144. iam_policy_validator-1.14.6/aws_services/aiops.json +0 -694
  145. iam_policy_validator-1.14.6/aws_services/airflow.json +0 -301
  146. iam_policy_validator-1.14.6/aws_services/amplify.json +0 -917
  147. iam_policy_validator-1.14.6/aws_services/amplifybackend.json +0 -797
  148. iam_policy_validator-1.14.6/aws_services/amplifyuibuilder.json +0 -698
  149. iam_policy_validator-1.14.6/aws_services/aoss.json +0 -787
  150. iam_policy_validator-1.14.6/aws_services/apigateway.json +0 -1812
  151. iam_policy_validator-1.14.6/aws_services/app-integrations.json +0 -860
  152. iam_policy_validator-1.14.6/aws_services/appconfig.json +0 -1212
  153. iam_policy_validator-1.14.6/aws_services/appfabric.json +0 -691
  154. iam_policy_validator-1.14.6/aws_services/appflow.json +0 -671
  155. iam_policy_validator-1.14.6/aws_services/application-autoscaling.json +0 -337
  156. iam_policy_validator-1.14.6/aws_services/application-signals.json +0 -453
  157. iam_policy_validator-1.14.6/aws_services/application-transformation.json +0 -216
  158. iam_policy_validator-1.14.6/aws_services/applicationinsights.json +0 -543
  159. iam_policy_validator-1.14.6/aws_services/appmesh-preview.json +0 -855
  160. iam_policy_validator-1.14.6/aws_services/appmesh.json +0 -1045
  161. iam_policy_validator-1.14.6/aws_services/apprunner.json +0 -1057
  162. iam_policy_validator-1.14.6/aws_services/appstream.json +0 -1800
  163. iam_policy_validator-1.14.6/aws_services/appstudio.json +0 -101
  164. iam_policy_validator-1.14.6/aws_services/appsync.json +0 -1621
  165. iam_policy_validator-1.14.6/aws_services/apptest.json +0 -540
  166. iam_policy_validator-1.14.6/aws_services/aps.json +0 -1504
  167. iam_policy_validator-1.14.6/aws_services/arc-region-switch.json +0 -493
  168. iam_policy_validator-1.14.6/aws_services/arc-zonal-shift.json +0 -405
  169. iam_policy_validator-1.14.6/aws_services/arsenal.json +0 -21
  170. iam_policy_validator-1.14.6/aws_services/artifact.json +0 -299
  171. iam_policy_validator-1.14.6/aws_services/athena.json +0 -1600
  172. iam_policy_validator-1.14.6/aws_services/auditmanager.json +0 -1228
  173. iam_policy_validator-1.14.6/aws_services/autoscaling-plans.json +0 -96
  174. iam_policy_validator-1.14.6/aws_services/autoscaling.json +0 -1600
  175. iam_policy_validator-1.14.6/aws_services/aws-marketplace-management.json +0 -201
  176. iam_policy_validator-1.14.6/aws_services/aws-marketplace.json +0 -1031
  177. iam_policy_validator-1.14.6/aws_services/aws-portal.json +0 -141
  178. iam_policy_validator-1.14.6/aws_services/awsconnector.json +0 -51
  179. iam_policy_validator-1.14.6/aws_services/b2bi.json +0 -693
  180. iam_policy_validator-1.14.6/aws_services/backup-gateway.json +0 -606
  181. iam_policy_validator-1.14.6/aws_services/backup-search.json +0 -296
  182. iam_policy_validator-1.14.6/aws_services/backup-storage.json +0 -231
  183. iam_policy_validator-1.14.6/aws_services/backup.json +0 -2196
  184. iam_policy_validator-1.14.6/aws_services/batch.json +0 -1071
  185. iam_policy_validator-1.14.6/aws_services/bcm-dashboards.json +0 -162
  186. iam_policy_validator-1.14.6/aws_services/bcm-data-exports.json +0 -307
  187. iam_policy_validator-1.14.6/aws_services/bcm-pricing-calculator.json +0 -723
  188. iam_policy_validator-1.14.6/aws_services/bcm-recommended-actions.json +0 -21
  189. iam_policy_validator-1.14.6/aws_services/bedrock-agentcore.json +0 -2283
  190. iam_policy_validator-1.14.6/aws_services/bedrock.json +0 -5215
  191. iam_policy_validator-1.14.6/aws_services/billing.json +0 -570
  192. iam_policy_validator-1.14.6/aws_services/billingconductor.json +0 -729
  193. iam_policy_validator-1.14.6/aws_services/braket.json +0 -347
  194. iam_policy_validator-1.14.6/aws_services/budgets.json +0 -326
  195. iam_policy_validator-1.14.6/aws_services/bugbust.json +0 -421
  196. iam_policy_validator-1.14.6/aws_services/cases.json +0 -1053
  197. iam_policy_validator-1.14.6/aws_services/cassandra.json +0 -536
  198. iam_policy_validator-1.14.6/aws_services/ce.json +0 -1143
  199. iam_policy_validator-1.14.6/aws_services/chatbot.json +0 -772
  200. iam_policy_validator-1.14.6/aws_services/chime.json +0 -6165
  201. iam_policy_validator-1.14.6/aws_services/cleanrooms-ml.json +0 -1501
  202. iam_policy_validator-1.14.6/aws_services/cleanrooms.json +0 -2193
  203. iam_policy_validator-1.14.6/aws_services/cloud9.json +0 -667
  204. iam_policy_validator-1.14.6/aws_services/clouddirectory.json +0 -1385
  205. iam_policy_validator-1.14.6/aws_services/cloudformation.json +0 -2024
  206. iam_policy_validator-1.14.6/aws_services/cloudfront-keyvaluestore.json +0 -134
  207. iam_policy_validator-1.14.6/aws_services/cloudfront.json +0 -3023
  208. iam_policy_validator-1.14.6/aws_services/cloudhsm.json +0 -415
  209. iam_policy_validator-1.14.6/aws_services/cloudsearch.json +0 -654
  210. iam_policy_validator-1.14.6/aws_services/cloudshell.json +0 -249
  211. iam_policy_validator-1.14.6/aws_services/cloudtrail-data.json +0 -57
  212. iam_policy_validator-1.14.6/aws_services/cloudtrail.json +0 -1361
  213. iam_policy_validator-1.14.6/aws_services/cloudwatch.json +0 -1139
  214. iam_policy_validator-1.14.6/aws_services/codeartifact.json +0 -1096
  215. iam_policy_validator-1.14.6/aws_services/codebuild.json +0 -2400
  216. iam_policy_validator-1.14.6/aws_services/codecatalyst.json +0 -708
  217. iam_policy_validator-1.14.6/aws_services/codecommit.json +0 -1853
  218. iam_policy_validator-1.14.6/aws_services/codeconnections.json +0 -893
  219. iam_policy_validator-1.14.6/aws_services/codedeploy-commands-secure.json +0 -66
  220. iam_policy_validator-1.14.6/aws_services/codedeploy.json +0 -972
  221. iam_policy_validator-1.14.6/aws_services/codeguru-profiler.json +0 -493
  222. iam_policy_validator-1.14.6/aws_services/codeguru-reviewer.json +0 -391
  223. iam_policy_validator-1.14.6/aws_services/codeguru-security.json +0 -319
  224. iam_policy_validator-1.14.6/aws_services/codeguru.json +0 -21
  225. iam_policy_validator-1.14.6/aws_services/codepipeline.json +0 -928
  226. iam_policy_validator-1.14.6/aws_services/codestar-connections.json +0 -893
  227. iam_policy_validator-1.14.6/aws_services/codestar-notifications.json +0 -340
  228. iam_policy_validator-1.14.6/aws_services/codestar.json +0 -478
  229. iam_policy_validator-1.14.6/aws_services/codewhisperer.json +0 -455
  230. iam_policy_validator-1.14.6/aws_services/cognito-identity.json +0 -518
  231. iam_policy_validator-1.14.6/aws_services/cognito-idp.json +0 -2277
  232. iam_policy_validator-1.14.6/aws_services/cognito-sync.json +0 -401
  233. iam_policy_validator-1.14.6/aws_services/comprehend.json +0 -2071
  234. iam_policy_validator-1.14.6/aws_services/comprehendmedical.json +0 -389
  235. iam_policy_validator-1.14.6/aws_services/compute-optimizer.json +0 -446
  236. iam_policy_validator-1.14.6/aws_services/config.json +0 -1936
  237. iam_policy_validator-1.14.6/aws_services/connect-campaigns.json +0 -768
  238. iam_policy_validator-1.14.6/aws_services/connect.json +0 -7821
  239. iam_policy_validator-1.14.6/aws_services/consoleapp.json +0 -49
  240. iam_policy_validator-1.14.6/aws_services/consolidatedbilling.json +0 -36
  241. iam_policy_validator-1.14.6/aws_services/controlcatalog.json +0 -132
  242. iam_policy_validator-1.14.6/aws_services/controltower.json +0 -1158
  243. iam_policy_validator-1.14.6/aws_services/cost-optimization-hub.json +0 -111
  244. iam_policy_validator-1.14.6/aws_services/cur.json +0 -261
  245. iam_policy_validator-1.14.6/aws_services/customer-verification.json +0 -81
  246. iam_policy_validator-1.14.6/aws_services/databrew.json +0 -984
  247. iam_policy_validator-1.14.6/aws_services/dataexchange.json +0 -956
  248. iam_policy_validator-1.14.6/aws_services/datapipeline.json +0 -514
  249. iam_policy_validator-1.14.6/aws_services/datasync.json +0 -1441
  250. iam_policy_validator-1.14.6/aws_services/datazone.json +0 -3021
  251. iam_policy_validator-1.14.6/aws_services/dax.json +0 -579
  252. iam_policy_validator-1.14.6/aws_services/dbqms.json +0 -201
  253. iam_policy_validator-1.14.6/aws_services/deadline.json +0 -2639
  254. iam_policy_validator-1.14.6/aws_services/deepcomposer.json +0 -442
  255. iam_policy_validator-1.14.6/aws_services/deepracer.json +0 -1302
  256. iam_policy_validator-1.14.6/aws_services/detective.json +0 -733
  257. iam_policy_validator-1.14.6/aws_services/devicefarm.json +0 -1751
  258. iam_policy_validator-1.14.6/aws_services/devops-guru.json +0 -503
  259. iam_policy_validator-1.14.6/aws_services/directconnect.json +0 -1424
  260. iam_policy_validator-1.14.6/aws_services/discovery.json +0 -452
  261. iam_policy_validator-1.14.6/aws_services/dlm.json +0 -198
  262. iam_policy_validator-1.14.6/aws_services/dms.json +0 -2544
  263. iam_policy_validator-1.14.6/aws_services/docdb-elastic.json +0 -481
  264. iam_policy_validator-1.14.6/aws_services/drs.json +0 -1937
  265. iam_policy_validator-1.14.6/aws_services/ds-data.json +0 -478
  266. iam_policy_validator-1.14.6/aws_services/ds.json +0 -1810
  267. iam_policy_validator-1.14.6/aws_services/dsql.json +0 -567
  268. iam_policy_validator-1.14.6/aws_services/dynamodb.json +0 -1640
  269. iam_policy_validator-1.14.6/aws_services/ebs.json +0 -203
  270. iam_policy_validator-1.14.6/aws_services/ec2-instance-connect.json +0 -139
  271. iam_policy_validator-1.14.6/aws_services/ec2.json +0 -25565
  272. iam_policy_validator-1.14.6/aws_services/ec2messages.json +0 -118
  273. iam_policy_validator-1.14.6/aws_services/ecr-public.json +0 -516
  274. iam_policy_validator-1.14.6/aws_services/ecr.json +0 -1016
  275. iam_policy_validator-1.14.6/aws_services/ecs.json +0 -1832
  276. iam_policy_validator-1.14.6/aws_services/eks-auth.json +0 -45
  277. iam_policy_validator-1.14.6/aws_services/eks.json +0 -1597
  278. iam_policy_validator-1.14.6/aws_services/elasticache.json +0 -2402
  279. iam_policy_validator-1.14.6/aws_services/elasticbeanstalk.json +0 -1331
  280. iam_policy_validator-1.14.6/aws_services/elasticfilesystem.json +0 -866
  281. iam_policy_validator-1.14.6/aws_services/elasticloadbalancing.json +0 -1911
  282. iam_policy_validator-1.14.6/aws_services/elasticmapreduce.json +0 -1690
  283. iam_policy_validator-1.14.6/aws_services/elastictranscoder.json +0 -339
  284. iam_policy_validator-1.14.6/aws_services/elemental-activations.json +0 -201
  285. iam_policy_validator-1.14.6/aws_services/elemental-appliances-software.json +0 -239
  286. iam_policy_validator-1.14.6/aws_services/elemental-support-cases.json +0 -363
  287. iam_policy_validator-1.14.6/aws_services/elemental-support-content.json +0 -21
  288. iam_policy_validator-1.14.6/aws_services/emr-containers.json +0 -616
  289. iam_policy_validator-1.14.6/aws_services/emr-serverless.json +0 -440
  290. iam_policy_validator-1.14.6/aws_services/entityresolution.json +0 -840
  291. iam_policy_validator-1.14.6/aws_services/es.json +0 -2084
  292. iam_policy_validator-1.14.6/aws_services/events.json +0 -1451
  293. iam_policy_validator-1.14.6/aws_services/evidently.json +0 -819
  294. iam_policy_validator-1.14.6/aws_services/evs.json +0 -300
  295. iam_policy_validator-1.14.6/aws_services/execute-api.json +0 -94
  296. iam_policy_validator-1.14.6/aws_services/finspace-api.json +0 -34
  297. iam_policy_validator-1.14.6/aws_services/finspace.json +0 -1400
  298. iam_policy_validator-1.14.6/aws_services/firehose.json +0 -283
  299. iam_policy_validator-1.14.6/aws_services/fis.json +0 -713
  300. iam_policy_validator-1.14.6/aws_services/fms.json +0 -851
  301. iam_policy_validator-1.14.6/aws_services/forecast.json +0 -1757
  302. iam_policy_validator-1.14.6/aws_services/frauddetector.json +0 -1878
  303. iam_policy_validator-1.14.6/aws_services/freertos.json +0 -379
  304. iam_policy_validator-1.14.6/aws_services/freetier.json +0 -111
  305. iam_policy_validator-1.14.6/aws_services/fsx.json +0 -1400
  306. iam_policy_validator-1.14.6/aws_services/gamelift.json +0 -2421
  307. iam_policy_validator-1.14.6/aws_services/gameliftstreams.json +0 -531
  308. iam_policy_validator-1.14.6/aws_services/geo-maps.json +0 -54
  309. iam_policy_validator-1.14.6/aws_services/geo-places.json +0 -154
  310. iam_policy_validator-1.14.6/aws_services/geo-routes.json +0 -114
  311. iam_policy_validator-1.14.6/aws_services/geo.json +0 -1402
  312. iam_policy_validator-1.14.6/aws_services/glacier.json +0 -669
  313. iam_policy_validator-1.14.6/aws_services/globalaccelerator.json +0 -1142
  314. iam_policy_validator-1.14.6/aws_services/glue.json +0 -6633
  315. iam_policy_validator-1.14.6/aws_services/grafana.json +0 -538
  316. iam_policy_validator-1.14.6/aws_services/greengrass.json +0 -2532
  317. iam_policy_validator-1.14.6/aws_services/groundstation.json +0 -810
  318. iam_policy_validator-1.14.6/aws_services/groundtruthlabeling.json +0 -246
  319. iam_policy_validator-1.14.6/aws_services/guardduty.json +0 -1615
  320. iam_policy_validator-1.14.6/aws_services/health.json +0 -256
  321. iam_policy_validator-1.14.6/aws_services/healthlake.json +0 -779
  322. iam_policy_validator-1.14.6/aws_services/honeycode.json +0 -542
  323. iam_policy_validator-1.14.6/aws_services/identity-sync.json +0 -284
  324. iam_policy_validator-1.14.6/aws_services/identitystore-auth.json +0 -51
  325. iam_policy_validator-1.14.6/aws_services/identitystore.json +0 -567
  326. iam_policy_validator-1.14.6/aws_services/imagebuilder.json +0 -1791
  327. iam_policy_validator-1.14.6/aws_services/importexport.json +0 -96
  328. iam_policy_validator-1.14.6/aws_services/inspector-scan.json +0 -21
  329. iam_policy_validator-1.14.6/aws_services/inspector.json +0 -561
  330. iam_policy_validator-1.14.6/aws_services/inspector2.json +0 -1325
  331. iam_policy_validator-1.14.6/aws_services/internetmonitor.json +0 -388
  332. iam_policy_validator-1.14.6/aws_services/invoicing.json +0 -329
  333. iam_policy_validator-1.14.6/aws_services/iot-device-tester.json +0 -81
  334. iam_policy_validator-1.14.6/aws_services/iot.json +0 -6181
  335. iam_policy_validator-1.14.6/aws_services/iotanalytics.json +0 -768
  336. iam_policy_validator-1.14.6/aws_services/iotdeviceadvisor.json +0 -330
  337. iam_policy_validator-1.14.6/aws_services/iotevents.json +0 -833
  338. iam_policy_validator-1.14.6/aws_services/iotfleethub.json +0 -198
  339. iam_policy_validator-1.14.6/aws_services/iotfleetwise.json +0 -1313
  340. iam_policy_validator-1.14.6/aws_services/iotjobsdata.json +0 -108
  341. iam_policy_validator-1.14.6/aws_services/iotmanagedintegrations.json +0 -1568
  342. iam_policy_validator-1.14.6/aws_services/iotsitewise.json +0 -2388
  343. iam_policy_validator-1.14.6/aws_services/iottwinmaker.json +0 -990
  344. iam_policy_validator-1.14.6/aws_services/iotwireless.json +0 -2459
  345. iam_policy_validator-1.14.6/aws_services/iq-permission.json +0 -194
  346. iam_policy_validator-1.14.6/aws_services/iq.json +0 -1295
  347. iam_policy_validator-1.14.6/aws_services/ivs.json +0 -1696
  348. iam_policy_validator-1.14.6/aws_services/ivschat.json +0 -415
  349. iam_policy_validator-1.14.6/aws_services/kafka-cluster.json +0 -423
  350. iam_policy_validator-1.14.6/aws_services/kafka.json +0 -1116
  351. iam_policy_validator-1.14.6/aws_services/kafkaconnect.json +0 -452
  352. iam_policy_validator-1.14.6/aws_services/kendra-ranking.json +0 -218
  353. iam_policy_validator-1.14.6/aws_services/kendra.json +0 -1576
  354. iam_policy_validator-1.14.6/aws_services/kinesis.json +0 -925
  355. iam_policy_validator-1.14.6/aws_services/kinesisanalytics.json +0 -713
  356. iam_policy_validator-1.14.6/aws_services/kinesisvideo.json +0 -942
  357. iam_policy_validator-1.14.6/aws_services/kms.json +0 -2213
  358. iam_policy_validator-1.14.6/aws_services/lakeformation.json +0 -902
  359. iam_policy_validator-1.14.6/aws_services/lambda.json +0 -1616
  360. iam_policy_validator-1.14.6/aws_services/launchwizard.json +0 -643
  361. iam_policy_validator-1.14.6/aws_services/lex.json +0 -3086
  362. iam_policy_validator-1.14.6/aws_services/license-manager-linux-subscriptions.json +0 -238
  363. iam_policy_validator-1.14.6/aws_services/license-manager-user-subscriptions.json +0 -440
  364. iam_policy_validator-1.14.6/aws_services/license-manager.json +0 -1007
  365. iam_policy_validator-1.14.6/aws_services/lightsail.json +0 -3142
  366. iam_policy_validator-1.14.6/aws_services/logs.json +0 -2007
  367. iam_policy_validator-1.14.6/aws_services/lookoutequipment.json +0 -1138
  368. iam_policy_validator-1.14.6/aws_services/lookoutmetrics.json +0 -689
  369. iam_policy_validator-1.14.6/aws_services/lookoutvision.json +0 -494
  370. iam_policy_validator-1.14.6/aws_services/m2.json +0 -775
  371. iam_policy_validator-1.14.6/aws_services/machinelearning.json +0 -614
  372. iam_policy_validator-1.14.6/aws_services/macie2.json +0 -1464
  373. iam_policy_validator-1.14.6/aws_services/managedblockchain-query.json +0 -141
  374. iam_policy_validator-1.14.6/aws_services/managedblockchain.json +0 -780
  375. iam_policy_validator-1.14.6/aws_services/mapcredits.json +0 -74
  376. iam_policy_validator-1.14.6/aws_services/marketplacecommerceanalytics.json +0 -36
  377. iam_policy_validator-1.14.6/aws_services/mechanicalturk.json +0 -591
  378. iam_policy_validator-1.14.6/aws_services/mediaconnect.json +0 -960
  379. iam_policy_validator-1.14.6/aws_services/mediaconvert.json +0 -733
  380. iam_policy_validator-1.14.6/aws_services/mediaimport.json +0 -21
  381. iam_policy_validator-1.14.6/aws_services/medialive.json +0 -2777
  382. iam_policy_validator-1.14.6/aws_services/mediapackage-vod.json +0 -402
  383. iam_policy_validator-1.14.6/aws_services/mediapackage.json +0 -442
  384. iam_policy_validator-1.14.6/aws_services/mediapackagev2.json +0 -921
  385. iam_policy_validator-1.14.6/aws_services/mediastore.json +0 -570
  386. iam_policy_validator-1.14.6/aws_services/mediatailor.json +0 -974
  387. iam_policy_validator-1.14.6/aws_services/medical-imaging.json +0 -638
  388. iam_policy_validator-1.14.6/aws_services/memorydb.json +0 -1259
  389. iam_policy_validator-1.14.6/aws_services/mgh.json +0 -932
  390. iam_policy_validator-1.14.6/aws_services/mgn.json +0 -2644
  391. iam_policy_validator-1.14.6/aws_services/migrationhub-orchestrator.json +0 -711
  392. iam_policy_validator-1.14.6/aws_services/migrationhub-strategy.json +0 -471
  393. iam_policy_validator-1.14.6/aws_services/mobileanalytics.json +0 -51
  394. iam_policy_validator-1.14.6/aws_services/mobiletargeting.json +0 -2802
  395. iam_policy_validator-1.14.6/aws_services/monitron.json +0 -398
  396. iam_policy_validator-1.14.6/aws_services/mpa.json +0 -534
  397. iam_policy_validator-1.14.6/aws_services/mq.json +0 -560
  398. iam_policy_validator-1.14.6/aws_services/neptune-db.json +0 -697
  399. iam_policy_validator-1.14.6/aws_services/neptune-graph.json +0 -956
  400. iam_policy_validator-1.14.6/aws_services/network-firewall.json +0 -1370
  401. iam_policy_validator-1.14.6/aws_services/network-security-director.json +0 -141
  402. iam_policy_validator-1.14.6/aws_services/networkflowmonitor.json +0 -570
  403. iam_policy_validator-1.14.6/aws_services/networkmanager-chat.json +0 -111
  404. iam_policy_validator-1.14.6/aws_services/networkmanager.json +0 -2143
  405. iam_policy_validator-1.14.6/aws_services/networkmonitor.json +0 -288
  406. iam_policy_validator-1.14.6/aws_services/nimble.json +0 -1265
  407. iam_policy_validator-1.14.6/aws_services/notifications-contacts.json +0 -213
  408. iam_policy_validator-1.14.6/aws_services/notifications.json +0 -813
  409. iam_policy_validator-1.14.6/aws_services/oam.json +0 -387
  410. iam_policy_validator-1.14.6/aws_services/observabilityadmin.json +0 -628
  411. iam_policy_validator-1.14.6/aws_services/odb.json +0 -1076
  412. iam_policy_validator-1.14.6/aws_services/omics.json +0 -2088
  413. iam_policy_validator-1.14.6/aws_services/one.json +0 -675
  414. iam_policy_validator-1.14.6/aws_services/opensearch.json +0 -120
  415. iam_policy_validator-1.14.6/aws_services/opsworks-cm.json +0 -305
  416. iam_policy_validator-1.14.6/aws_services/opsworks.json +0 -1454
  417. iam_policy_validator-1.14.6/aws_services/organizations.json +0 -1311
  418. iam_policy_validator-1.14.6/aws_services/osis.json +0 -497
  419. iam_policy_validator-1.14.6/aws_services/outposts.json +0 -729
  420. iam_policy_validator-1.14.6/aws_services/panorama.json +0 -727
  421. iam_policy_validator-1.14.6/aws_services/partnercentral-account-management.json +0 -51
  422. iam_policy_validator-1.14.6/aws_services/partnercentral.json +0 -940
  423. iam_policy_validator-1.14.6/aws_services/payment-cryptography.json +0 -777
  424. iam_policy_validator-1.14.6/aws_services/payments.json +0 -428
  425. iam_policy_validator-1.14.6/aws_services/pca-connector-ad.json +0 -564
  426. iam_policy_validator-1.14.6/aws_services/pca-connector-scep.json +0 -282
  427. iam_policy_validator-1.14.6/aws_services/pcs.json +0 -510
  428. iam_policy_validator-1.14.6/aws_services/personalize.json +0 -1661
  429. iam_policy_validator-1.14.6/aws_services/pi.json +0 -335
  430. iam_policy_validator-1.14.6/aws_services/pipes.json +0 -264
  431. iam_policy_validator-1.14.6/aws_services/polly.json +0 -174
  432. iam_policy_validator-1.14.6/aws_services/pricing.json +0 -81
  433. iam_policy_validator-1.14.6/aws_services/private-networks.json +0 -646
  434. iam_policy_validator-1.14.6/aws_services/profile.json +0 -1988
  435. iam_policy_validator-1.14.6/aws_services/proton.json +0 -2482
  436. iam_policy_validator-1.14.6/aws_services/purchase-orders.json +0 -341
  437. iam_policy_validator-1.14.6/aws_services/q.json +0 -699
  438. iam_policy_validator-1.14.6/aws_services/qapps.json +0 -1017
  439. iam_policy_validator-1.14.6/aws_services/qbusiness.json +0 -2236
  440. iam_policy_validator-1.14.6/aws_services/qdeveloper.json +0 -183
  441. iam_policy_validator-1.14.6/aws_services/qldb.json +0 -816
  442. iam_policy_validator-1.14.6/aws_services/quicksight.json +0 -5593
  443. iam_policy_validator-1.14.6/aws_services/ram.json +0 -877
  444. iam_policy_validator-1.14.6/aws_services/rbin.json +0 -287
  445. iam_policy_validator-1.14.6/aws_services/rds-data.json +0 -176
  446. iam_policy_validator-1.14.6/aws_services/rds-db.json +0 -34
  447. iam_policy_validator-1.14.6/aws_services/rds.json +0 -4376
  448. iam_policy_validator-1.14.6/aws_services/redshift-data.json +0 -296
  449. iam_policy_validator-1.14.6/aws_services/redshift-serverless.json +0 -1335
  450. iam_policy_validator-1.14.6/aws_services/redshift.json +0 -3367
  451. iam_policy_validator-1.14.6/aws_services/refactor-spaces.json +0 -655
  452. iam_policy_validator-1.14.6/aws_services/rekognition.json +0 -1503
  453. iam_policy_validator-1.14.6/aws_services/repostspace.json +0 -422
  454. iam_policy_validator-1.14.6/aws_services/resiliencehub.json +0 -1325
  455. iam_policy_validator-1.14.6/aws_services/resource-explorer-2.json +0 -705
  456. iam_policy_validator-1.14.6/aws_services/resource-explorer.json +0 -51
  457. iam_policy_validator-1.14.6/aws_services/resource-groups.json +0 -607
  458. iam_policy_validator-1.14.6/aws_services/rhelkb.json +0 -21
  459. iam_policy_validator-1.14.6/aws_services/robomaker.json +0 -1335
  460. iam_policy_validator-1.14.6/aws_services/rolesanywhere.json +0 -661
  461. iam_policy_validator-1.14.6/aws_services/route53-recovery-cluster.json +0 -103
  462. iam_policy_validator-1.14.6/aws_services/route53-recovery-control-config.json +0 -627
  463. iam_policy_validator-1.14.6/aws_services/route53-recovery-readiness.json +0 -713
  464. iam_policy_validator-1.14.6/aws_services/route53.json +0 -1418
  465. iam_policy_validator-1.14.6/aws_services/route53domains.json +0 -516
  466. iam_policy_validator-1.14.6/aws_services/route53profiles.json +0 -357
  467. iam_policy_validator-1.14.6/aws_services/route53resolver.json +0 -1540
  468. iam_policy_validator-1.14.6/aws_services/rtbfabric.json +0 -632
  469. iam_policy_validator-1.14.6/aws_services/rum.json +0 -438
  470. iam_policy_validator-1.14.6/aws_services/s3-object-lambda.json +0 -697
  471. iam_policy_validator-1.14.6/aws_services/s3-outposts.json +0 -1445
  472. iam_policy_validator-1.14.6/aws_services/s3express.json +0 -845
  473. iam_policy_validator-1.14.6/aws_services/s3tables.json +0 -788
  474. iam_policy_validator-1.14.6/aws_services/s3vectors.json +0 -353
  475. iam_policy_validator-1.14.6/aws_services/sagemaker-data-science-assistant.json +0 -21
  476. iam_policy_validator-1.14.6/aws_services/sagemaker-geospatial.json +0 -479
  477. iam_policy_validator-1.14.6/aws_services/sagemaker-mlflow.json +0 -1247
  478. iam_policy_validator-1.14.6/aws_services/sagemaker.json +0 -9855
  479. iam_policy_validator-1.14.6/aws_services/savingsplans.json +0 -245
  480. iam_policy_validator-1.14.6/aws_services/scheduler.json +0 -307
  481. iam_policy_validator-1.14.6/aws_services/schemas.json +0 -705
  482. iam_policy_validator-1.14.6/aws_services/scn.json +0 -813
  483. iam_policy_validator-1.14.6/aws_services/sdb.json +0 -209
  484. iam_policy_validator-1.14.6/aws_services/secretsmanager.json +0 -756
  485. iam_policy_validator-1.14.6/aws_services/security-ir.json +0 -506
  486. iam_policy_validator-1.14.6/aws_services/securityhub.json +0 -2313
  487. iam_policy_validator-1.14.6/aws_services/securitylake.json +0 -638
  488. iam_policy_validator-1.14.6/aws_services/serverlessrepo.json +0 -325
  489. iam_policy_validator-1.14.6/aws_services/servicecatalog.json +0 -2287
  490. iam_policy_validator-1.14.6/aws_services/servicediscovery.json +0 -768
  491. iam_policy_validator-1.14.6/aws_services/serviceextract.json +0 -21
  492. iam_policy_validator-1.14.6/aws_services/servicequotas.json +0 -423
  493. iam_policy_validator-1.14.6/aws_services/ses.json +0 -5172
  494. iam_policy_validator-1.14.6/aws_services/shield.json +0 -755
  495. iam_policy_validator-1.14.6/aws_services/signer.json +0 -437
  496. iam_policy_validator-1.14.6/aws_services/signin.json +0 -36
  497. iam_policy_validator-1.14.6/aws_services/simspaceweaver.json +0 -353
  498. iam_policy_validator-1.14.6/aws_services/sms-voice.json +0 -2083
  499. iam_policy_validator-1.14.6/aws_services/sms.json +0 -561
  500. iam_policy_validator-1.14.6/aws_services/snow-device-management.json +0 -298
  501. iam_policy_validator-1.14.6/aws_services/snowball.json +0 -411
  502. iam_policy_validator-1.14.6/aws_services/sns.json +0 -754
  503. iam_policy_validator-1.14.6/aws_services/social-messaging.json +0 -479
  504. iam_policy_validator-1.14.6/aws_services/sqlworkbench.json +0 -1553
  505. iam_policy_validator-1.14.6/aws_services/sqs.json +0 -443
  506. iam_policy_validator-1.14.6/aws_services/ssm-contacts.json +0 -868
  507. iam_policy_validator-1.14.6/aws_services/ssm-guiconnect.json +0 -111
  508. iam_policy_validator-1.14.6/aws_services/ssm-incidents.json +0 -717
  509. iam_policy_validator-1.14.6/aws_services/ssm-quicksetup.json +0 -309
  510. iam_policy_validator-1.14.6/aws_services/ssm-sap.json +0 -573
  511. iam_policy_validator-1.14.6/aws_services/ssm.json +0 -3613
  512. iam_policy_validator-1.14.6/aws_services/ssmmessages.json +0 -84
  513. iam_policy_validator-1.14.6/aws_services/sso-directory.json +0 -861
  514. iam_policy_validator-1.14.6/aws_services/sso-oauth.json +0 -74
  515. iam_policy_validator-1.14.6/aws_services/sso.json +0 -2493
  516. iam_policy_validator-1.14.6/aws_services/states.json +0 -914
  517. iam_policy_validator-1.14.6/aws_services/storagegateway.json +0 -2120
  518. iam_policy_validator-1.14.6/aws_services/sts.json +0 -728
  519. iam_policy_validator-1.14.6/aws_services/support-console.json +0 -171
  520. iam_policy_validator-1.14.6/aws_services/support.json +0 -471
  521. iam_policy_validator-1.14.6/aws_services/supportapp.json +0 -201
  522. iam_policy_validator-1.14.6/aws_services/supportplans.json +0 -81
  523. iam_policy_validator-1.14.6/aws_services/sustainability.json +0 -21
  524. iam_policy_validator-1.14.6/aws_services/swf.json +0 -1250
  525. iam_policy_validator-1.14.6/aws_services/synthetics.json +0 -545
  526. iam_policy_validator-1.14.6/aws_services/tag.json +0 -126
  527. iam_policy_validator-1.14.6/aws_services/tax.json +0 -351
  528. iam_policy_validator-1.14.6/aws_services/textract.json +0 -490
  529. iam_policy_validator-1.14.6/aws_services/thinclient.json +0 -463
  530. iam_policy_validator-1.14.6/aws_services/timestream-influxdb.json +0 -423
  531. iam_policy_validator-1.14.6/aws_services/timestream.json +0 -767
  532. iam_policy_validator-1.14.6/aws_services/tiros.json +0 -81
  533. iam_policy_validator-1.14.6/aws_services/tnb.json +0 -831
  534. iam_policy_validator-1.14.6/aws_services/transcribe.json +0 -1073
  535. iam_policy_validator-1.14.6/aws_services/transfer.json +0 -1607
  536. iam_policy_validator-1.14.6/aws_services/transform.json +0 -271
  537. iam_policy_validator-1.14.6/aws_services/translate.json +0 -426
  538. iam_policy_validator-1.14.6/aws_services/trustedadvisor.json +0 -829
  539. iam_policy_validator-1.14.6/aws_services/ts.json +0 -223
  540. iam_policy_validator-1.14.6/aws_services/user-subscriptions.json +0 -107
  541. iam_policy_validator-1.14.6/aws_services/uxc.json +0 -51
  542. iam_policy_validator-1.14.6/aws_services/vendor-insights.json +0 -570
  543. iam_policy_validator-1.14.6/aws_services/verified-access.json +0 -21
  544. iam_policy_validator-1.14.6/aws_services/verifiedpermissions.json +0 -579
  545. iam_policy_validator-1.14.6/aws_services/voiceid.json +0 -648
  546. iam_policy_validator-1.14.6/aws_services/vpc-lattice-svcs.json +0 -134
  547. iam_policy_validator-1.14.6/aws_services/vpc-lattice.json +0 -1876
  548. iam_policy_validator-1.14.6/aws_services/vpce.json +0 -21
  549. iam_policy_validator-1.14.6/aws_services/waf-regional.json +0 -1706
  550. iam_policy_validator-1.14.6/aws_services/waf.json +0 -1617
  551. iam_policy_validator-1.14.6/aws_services/wafv2.json +0 -1355
  552. iam_policy_validator-1.14.6/aws_services/wam.json +0 -21
  553. iam_policy_validator-1.14.6/aws_services/wellarchitected.json +0 -1665
  554. iam_policy_validator-1.14.6/aws_services/wickr.json +0 -185
  555. iam_policy_validator-1.14.6/aws_services/wisdom.json +0 -2122
  556. iam_policy_validator-1.14.6/aws_services/workdocs.json +0 -934
  557. iam_policy_validator-1.14.6/aws_services/worklink.json +0 -726
  558. iam_policy_validator-1.14.6/aws_services/workmail.json +0 -2548
  559. iam_policy_validator-1.14.6/aws_services/workmailmessageflow.json +0 -54
  560. iam_policy_validator-1.14.6/aws_services/workspaces-instances.json +0 -292
  561. iam_policy_validator-1.14.6/aws_services/workspaces-web.json +0 -1652
  562. iam_policy_validator-1.14.6/aws_services/workspaces.json +0 -2038
  563. iam_policy_validator-1.14.6/aws_services/xray.json +0 -813
  564. iam_policy_validator-1.14.6/docs/README.md +0 -86
  565. iam_policy_validator-1.14.6/docs/ROADMAP.md +0 -307
  566. iam_policy_validator-1.14.6/docs/SDK.md +0 -714
  567. iam_policy_validator-1.14.6/docs/aws-api-configuration.md +0 -157
  568. iam_policy_validator-1.14.6/docs/aws-services-backup.md +0 -159
  569. iam_policy_validator-1.14.6/docs/check-reference.md +0 -1910
  570. iam_policy_validator-1.14.6/docs/condition-requirements.md +0 -179
  571. iam_policy_validator-1.14.6/docs/configuration.md +0 -589
  572. iam_policy_validator-1.14.6/docs/custom-checks.md +0 -558
  573. iam_policy_validator-1.14.6/docs/development/PUBLISHING.md +0 -281
  574. iam_policy_validator-1.14.6/docs/development/pre-release-guide.md +0 -371
  575. iam_policy_validator-1.14.6/docs/github-actions-examples.md +0 -473
  576. iam_policy_validator-1.14.6/docs/github-actions-workflows.md +0 -289
  577. iam_policy_validator-1.14.6/docs/modular-configuration.md +0 -327
  578. iam_policy_validator-1.14.6/docs/privilege-escalation.md +0 -307
  579. iam_policy_validator-1.14.6/docs/python-library-usage.md +0 -978
  580. iam_policy_validator-1.14.6/docs/query-command.md +0 -257
  581. iam_policy_validator-1.14.6/docs/shell-completion.md +0 -311
  582. iam_policy_validator-1.14.6/docs/smart-filtering.md +0 -381
  583. iam_policy_validator-1.14.6/examples/README.md +0 -256
  584. iam_policy_validator-1.14.6/examples/configs/README.md +0 -446
  585. iam_policy_validator-1.14.6/examples/custom_checks/README.md +0 -623
  586. iam_policy_validator-1.14.6/examples/custom_checks/advanced_multi_condition_validator.py +0 -501
  587. iam_policy_validator-1.14.6/examples/custom_checks/cross_account_external_id_check.py +0 -304
  588. iam_policy_validator-1.14.6/examples/custom_checks/domain_restriction_check.py +0 -121
  589. iam_policy_validator-1.14.6/examples/custom_checks/encryption_required_check.py +0 -155
  590. iam_policy_validator-1.14.6/examples/custom_checks/mfa_required_check.py +0 -121
  591. iam_policy_validator-1.14.6/examples/custom_checks/region_restriction_check.py +0 -133
  592. iam_policy_validator-1.14.6/examples/custom_checks/tag_enforcement_check.py +0 -124
  593. iam_policy_validator-1.14.6/examples/custom_checks/time_based_access_check.py +0 -237
  594. iam_policy_validator-1.14.6/examples/github-actions/README.md +0 -119
  595. iam_policy_validator-1.14.6/examples/iam-test-policies/README.md +0 -159
  596. iam_policy_validator-1.14.6/examples/iam-test-policies/resource-policies/README.md +0 -218
  597. iam_policy_validator-1.14.6/examples/iam-test-policies/wrong_actions_mismatch/README.md +0 -88
  598. iam_policy_validator-1.14.6/examples/library-usage/README.md +0 -225
  599. iam_policy_validator-1.14.6/examples/library-usage/example1_basic_usage.py +0 -77
  600. iam_policy_validator-1.14.6/examples/library-usage/example2_config_file.py +0 -111
  601. iam_policy_validator-1.14.6/examples/library-usage/example3_programmatic_config.py +0 -158
  602. iam_policy_validator-1.14.6/examples/library-usage/example4_custom_condition_requirements.py +0 -347
  603. iam_policy_validator-1.14.6/examples/library-usage/example5_query_aws_services.py +0 -230
  604. iam_policy_validator-1.14.6/examples/library-usage/policies/my-policy.json +0 -17
  605. iam_policy_validator-1.14.6/examples/library-usage/policies/policy1.json +0 -14
  606. iam_policy_validator-1.14.6/examples/library-usage/policies/policy2.json +0 -14
  607. iam_policy_validator-1.14.6/examples/query-examples.sh +0 -71
  608. iam_policy_validator-1.14.6/examples/trust-policies/README.md +0 -231
  609. iam_policy_validator-1.14.6/iam_validator/checks/action_validation.py +0 -67
  610. iam_policy_validator-1.14.6/iam_validator/checks/resource_validation.py +0 -135
  611. iam_policy_validator-1.14.6/iam_validator/commands/query.py +0 -485
  612. iam_policy_validator-1.14.6/scripts/download_aws_services.py +0 -215
  613. iam_policy_validator-1.14.6/scripts/sync_defaults_from_yaml.py +0 -204
  614. iam_policy_validator-1.14.6/tests/checks/test_condition_key_validation_check.py +0 -646
  615. iam_policy_validator-1.14.6/tests/checks/test_condition_type_mismatch.py +0 -370
  616. iam_policy_validator-1.14.6/tests/checks/test_full_wildcard_check.py +0 -254
  617. iam_policy_validator-1.14.6/tests/checks/test_mfa_condition_check.py +0 -240
  618. iam_policy_validator-1.14.6/tests/checks/test_policy_size_check.py +0 -370
  619. iam_policy_validator-1.14.6/tests/checks/test_principal_validation_check.py +0 -958
  620. iam_policy_validator-1.14.6/tests/checks/test_resource_validation_check.py +0 -322
  621. iam_policy_validator-1.14.6/tests/checks/test_service_wildcard_check.py +0 -332
  622. iam_policy_validator-1.14.6/tests/checks/test_sid_uniqueness_check.py +0 -281
  623. iam_policy_validator-1.14.6/tests/checks/test_wildcard_action_check.py +0 -297
  624. iam_policy_validator-1.14.6/tests/checks/test_wildcard_resource_check.py +0 -759
  625. iam_policy_validator-1.14.6/tests/core/test_action_resource_matching.py +0 -564
  626. iam_policy_validator-1.14.6/tests/core/test_models.py +0 -541
  627. iam_policy_validator-1.14.6/uv.lock +0 -1010
  628. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.github/dependabot.yml +0 -0
  629. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.github/workflows/cleanup-prereleases.yml +0 -0
  630. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/LICENSE +0 -0
  631. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/access-analyzer/example1.json +0 -0
  632. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/access-analyzer/example2.json +0 -0
  633. {iam_policy_validator-1.14.6/aws_services → iam_policy_validator-1.15.0/examples/aws-service-definitions}/iam.json +0 -0
  634. {iam_policy_validator-1.14.6/aws_services → iam_policy_validator-1.15.0/examples/aws-service-definitions}/s3.json +0 -0
  635. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/configs/github-labels-config.yaml +0 -0
  636. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/configs/minimal-validation-config.yaml +0 -0
  637. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/configs/offline-validation.yaml +0 -0
  638. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/configs/policy-level-condition-enforcement-config.yaml +0 -0
  639. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/configs/strict-security.yaml +0 -0
  640. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/github-actions/access-analyzer-only.yaml +0 -0
  641. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/github-actions/basic-validation.yaml +0 -0
  642. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/github-actions/custom-policy-checks.yaml +0 -0
  643. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/github-actions/multi-region-validation.yaml +0 -0
  644. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/github-actions/resource-policy-validation.yaml +0 -0
  645. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/github-actions/sarif-code-scanning.yaml +0 -0
  646. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/github-actions/sequential-validation.yaml +0 -0
  647. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/github-actions/two-step-validation.yaml +0 -0
  648. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/github-actions/validate-changed-files.yaml +0 -0
  649. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/allowed-wildcard-resource.json +0 -0
  650. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/api_gateway_management.json +0 -0
  651. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/athena_query_access.json +0 -0
  652. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/backup_vault_access.json +0 -0
  653. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/cloudformation_deployer.json +0 -0
  654. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/cloudwatch_monitoring.json +0 -0
  655. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/cognito_user_pool.json +0 -0
  656. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/dynamodb_table_access.json +0 -0
  657. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/ecs_task_execution.json +0 -0
  658. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/eventbridge_rules.json +0 -0
  659. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/glue_etl_jobs.json +0 -0
  660. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/insecure_policy.json +0 -0
  661. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/insecure_policy.yaml +0 -0
  662. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/invalid-resource-constraint.json +0 -0
  663. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/invalid-sid-special-chars.json +0 -0
  664. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/invalid-sid-with-spaces.json +0 -0
  665. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/invalid_policy.json +0 -0
  666. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/kms_encryption_keys.json +0 -0
  667. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/lambda_developer.json +0 -0
  668. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/lambda_developer.yaml +0 -0
  669. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/maximum_size_policy.json +0 -0
  670. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/policy_missing_required_tags.json +0 -0
  671. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/policy_tag_enforcement_example.json +0 -0
  672. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/policy_with_wildcard_resources.json +0 -0
  673. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/privilege_escalation_scattered.json +0 -0
  674. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/rds_database_admin.json +0 -0
  675. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/s3_bucket_access.yaml +0 -0
  676. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/sample_policy.json +0 -0
  677. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/sample_policy.yaml +0 -0
  678. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/secrets_manager_access.json +0 -0
  679. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/sensitive-action-wildcards.json +0 -0
  680. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/sns_sqs_messaging.json +0 -0
  681. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/step_functions_workflow.json +0 -0
  682. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/terraform-template-policy.json +0 -0
  683. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/test_none_of_valid.json +0 -0
  684. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/test_none_of_violations.json +0 -0
  685. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/valid-sid-formats.json +0 -0
  686. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/wildcard_examples.json +0 -0
  687. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/wildcard_examples.yaml +0 -0
  688. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/wrong-condition-key.json +0 -0
  689. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/identity-policies/wrong-s3-condition.json +0 -0
  690. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-control-policies/rcp-invalid-allow-effect.json +0 -0
  691. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-control-policies/rcp-invalid-not-action.json +0 -0
  692. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-control-policies/rcp-invalid-specific-principal.json +0 -0
  693. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-control-policies/rcp-invalid-unsupported-service.json +0 -0
  694. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-control-policies/rcp-invalid-wildcard-action.json +0 -0
  695. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-control-policies/rcp-valid-enforce-encryption.json +0 -0
  696. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/backup-vault-policy-org-access.json +0 -0
  697. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/ecr-repository-policy-org-restricted.json +0 -0
  698. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/ecr-repository-policy-public.json +0 -0
  699. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/efs-filesystem-policy-vpc-only.json +0 -0
  700. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/glacier-vault-policy-cross-account.json +0 -0
  701. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/kms-key-policy-cross-account.json +0 -0
  702. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/kms-key-policy-insecure.json +0 -0
  703. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/kms-key-policy-org-restricted.json +0 -0
  704. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/kms-key-policy-service-specific.json +0 -0
  705. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/lambda-permission-api-gateway.json +0 -0
  706. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/lambda-permission-cross-account-invoke.json +0 -0
  707. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/lambda-permission-eventbridge-multiple.json +0 -0
  708. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/lambda-permission-public-url.json +0 -0
  709. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/lambda-permission-s3-trigger.json +0 -0
  710. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/opensearch-domain-policy-ip-restricted.json +0 -0
  711. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/s3-bucket-policy-cloudfront.json +0 -0
  712. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/s3-bucket-policy-cross-account-org.json +0 -0
  713. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/s3-bucket-policy-insecure-transport.json +0 -0
  714. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/s3-bucket-policy-ip-restriction.json +0 -0
  715. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/s3-bucket-policy-public-with-conditions.json +0 -0
  716. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/s3-bucket-policy-public.json +0 -0
  717. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/s3-bucket-policy-specific-account.json +0 -0
  718. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/s3-bucket-policy-vpc-endpoint.json +0 -0
  719. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/s3-bucket-policy-wildcard-actions.json +0 -0
  720. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/secrets-manager-policy-cross-account.json +0 -0
  721. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/sns-topic-policy-cross-account-mfa.json +0 -0
  722. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/sns-topic-policy-cross-account.json +0 -0
  723. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/sns-topic-policy-eventbridge.json +0 -0
  724. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/sns-topic-policy-org-wide.json +0 -0
  725. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/sns-topic-policy-public-no-conditions.json +0 -0
  726. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/sqs-queue-policy-cross-account-role.json +0 -0
  727. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/sqs-queue-policy-iam-users-mfa.json +0 -0
  728. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/sqs-queue-policy-public.json +0 -0
  729. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/resource-policies/sqs-queue-policy-sns-subscription.json +0 -0
  730. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/service-control-policies/deny-root-account-usage.json +0 -0
  731. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/service-control-policies/require-mfa.json +0 -0
  732. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/service-control-policies/restrict-regions.json +0 -0
  733. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/wrong_actions_mismatch/correct-condition-wrong-key.json +0 -0
  734. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/wrong_actions_mismatch/dynamodb-wrong-resources.json +0 -0
  735. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/wrong_actions_mismatch/ec2-wrong-resources.json +0 -0
  736. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/wrong_actions_mismatch/iam-wrong-resources.json +0 -0
  737. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/wrong_actions_mismatch/lambda-wrong-resources.json +0 -0
  738. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/wrong_actions_mismatch/s3-wrong-resources.json +0 -0
  739. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/wrong_actions_mismatch/sqs-sns-wrong-resources.json +0 -0
  740. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/iam-test-policies/wrong_actions_mismatch/typo-condition-field.json +0 -0
  741. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/quick-start/lambda-policy.json +0 -0
  742. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/quick-start/s3-policy.json +0 -0
  743. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/quick-start/user-policy.json +0 -0
  744. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/trust-policies/INVALID-wrong-principal-type.json +0 -0
  745. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/trust-policies/cross-account-trust-policy.json +0 -0
  746. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/trust-policies/github-actions-oidc-trust-policy.json +0 -0
  747. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/trust-policies/lambda-service-role-trust-policy.json +0 -0
  748. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/examples/trust-policies/saml-federated-trust-policy.json +0 -0
  749. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/__init__.py +0 -0
  750. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/__main__.py +0 -0
  751. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/action_condition_enforcement.py +0 -0
  752. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/action_resource_matching.py +0 -0
  753. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/condition_key_validation.py +0 -0
  754. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/condition_type_mismatch.py +0 -0
  755. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/full_wildcard.py +0 -0
  756. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/mfa_condition_check.py +0 -0
  757. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/policy_size.py +0 -0
  758. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/policy_structure.py +0 -0
  759. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/policy_type_validation.py +0 -0
  760. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/principal_validation.py +0 -0
  761. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/sensitive_action.py +0 -0
  762. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/service_wildcard.py +0 -0
  763. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/set_operator_validation.py +0 -0
  764. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/sid_uniqueness.py +0 -0
  765. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/trust_policy_validation.py +0 -0
  766. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/utils/__init__.py +0 -0
  767. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/utils/action_parser.py +0 -0
  768. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/utils/policy_level_checks.py +0 -0
  769. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/utils/sensitive_action_matcher.py +0 -0
  770. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/utils/wildcard_expansion.py +0 -0
  771. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/checks/wildcard_action.py +0 -0
  772. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/commands/analyze.py +0 -0
  773. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/commands/base.py +0 -0
  774. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/commands/download_services.py +0 -0
  775. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/commands/post_to_pr.py +0 -0
  776. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/commands/validate.py +0 -0
  777. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/__init__.py +0 -0
  778. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/access_analyzer.py +0 -0
  779. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/access_analyzer_report.py +0 -0
  780. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/aws_fetcher.py +0 -0
  781. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/aws_service/client.py +0 -0
  782. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/aws_service/parsers.py +0 -0
  783. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/aws_service/patterns.py +0 -0
  784. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/cli.py +0 -0
  785. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/codeowners.py +0 -0
  786. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/condition_validators.py +0 -0
  787. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/config/__init__.py +0 -0
  788. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/config/aws_api.py +0 -0
  789. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/config/category_suggestions.py +0 -0
  790. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/config/condition_requirements.py +0 -0
  791. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/config/principal_requirements.py +0 -0
  792. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/config/sensitive_actions.py +0 -0
  793. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/config/service_principals.py +0 -0
  794. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/config/wildcards.py +0 -0
  795. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/diff_parser.py +0 -0
  796. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/finding_fingerprint.py +0 -0
  797. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/formatters/__init__.py +0 -0
  798. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/formatters/base.py +0 -0
  799. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/formatters/console.py +0 -0
  800. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/formatters/csv.py +0 -0
  801. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/formatters/enhanced.py +0 -0
  802. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/formatters/html.py +0 -0
  803. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/formatters/json.py +0 -0
  804. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/formatters/markdown.py +0 -0
  805. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/formatters/sarif.py +0 -0
  806. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/ignore_patterns.py +0 -0
  807. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/ignore_processor.py +0 -0
  808. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/ignored_findings.py +0 -0
  809. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/label_manager.py +0 -0
  810. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/policy_checks.py +0 -0
  811. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/policy_loader.py +0 -0
  812. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/pr_commenter.py +0 -0
  813. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/core/report.py +0 -0
  814. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/integrations/__init__.py +0 -0
  815. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/integrations/github_integration.py +0 -0
  816. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/integrations/ms_teams.py +0 -0
  817. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/sdk/arn_matching.py +0 -0
  818. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/sdk/exceptions.py +0 -0
  819. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/sdk/helpers.py +0 -0
  820. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/sdk/query_utils.py +0 -0
  821. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/sdk/shortcuts.py +0 -0
  822. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/utils/__init__.py +0 -0
  823. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/utils/cache.py +0 -0
  824. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/utils/regex.py +0 -0
  825. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/iam_validator/utils/terminal.py +0 -0
  826. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/README.md +0 -0
  827. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/__init__.py +0 -0
  828. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/checks/__init__.py +0 -0
  829. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/checks/test_aws_global_conditions.py +0 -0
  830. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/checks/test_custom_policy_checks.py +0 -0
  831. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/checks/test_sensitive_action_filtering.py +0 -0
  832. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/checks/test_sensitive_action_suggestions.py +0 -0
  833. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/checks/test_sensitive_action_wildcard_expansion.py +0 -0
  834. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/checks/test_service_principal_wildcard.py +0 -0
  835. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/commands/__init__.py +0 -0
  836. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/commands/test_completion_command.py +0 -0
  837. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/config/__init__.py +0 -0
  838. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/config/test_config_loader.py +0 -0
  839. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/__init__.py +0 -0
  840. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_action_condition_enforcement.py +0 -0
  841. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_action_condition_enforcement_policy_level.py +0 -0
  842. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_aws_api_config.py +0 -0
  843. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_aws_fetcher_wildcards.py +0 -0
  844. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_check_id_in_comments.py +0 -0
  845. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_check_id_injection.py +0 -0
  846. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_codeowners.py +0 -0
  847. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_comment_truncation.py +0 -0
  848. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_diff_parser.py +0 -0
  849. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_finding_fingerprint.py +0 -0
  850. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_ignore_patterns.py +0 -0
  851. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_ignored_findings.py +0 -0
  852. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_multipart_comments.py +0 -0
  853. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_policy_loader.py +0 -0
  854. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_policy_type_validation.py +0 -0
  855. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_pr_commenter_diff_filtering.py +0 -0
  856. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_regex_utils.py +0 -0
  857. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_set_operator_validation.py +0 -0
  858. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_trust_policy_detection.py +0 -0
  859. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_trust_policy_multiple_statements.py +0 -0
  860. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_trust_policy_oidc_aud_required.py +0 -0
  861. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/core/test_trust_policy_validation.py +0 -0
  862. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/integrations/__init__.py +0 -0
  863. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/integrations/test_comment_deduplication.py +0 -0
  864. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/integrations/test_github_pagination.py +0 -0
  865. {iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/tests/integrations/test_label_manager.py +0 -0
{iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.github/workflows/ci.yml RENAMED
@@ -26,7 +26,7 @@ jobs:
26
26
  python-version: "${{ env.DEFAULT_PYTHON_VERSION }}"
27
27
 
28
28
  - name: Install uv
29
- uses: astral-sh/setup-uv@ed21f2f24f8dd64503750218de024bcf64c7250a # v7.1.5
29
+ uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
30
30
  with:
31
31
  enable-cache: true
32
32
 
@@ -56,7 +56,7 @@ jobs:
56
56
  python-version: ${{ matrix.python-version }}
57
57
 
58
58
  - name: Install uv
59
- uses: astral-sh/setup-uv@ed21f2f24f8dd64503750218de024bcf64c7250a # v7.1.5
59
+ uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
60
60
  with:
61
61
  enable-cache: true
62
62
 
@@ -80,7 +80,7 @@ jobs:
80
80
  python-version: "${{ env.DEFAULT_PYTHON_VERSION }}"
81
81
 
82
82
  - name: Install uv
83
- uses: astral-sh/setup-uv@ed21f2f24f8dd64503750218de024bcf64c7250a # v7.1.5
83
+ uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
84
84
  with:
85
85
  enable-cache: true
86
86
 
@@ -104,7 +104,7 @@ jobs:
104
104
  python-version: "${{ env.DEFAULT_PYTHON_VERSION }}"
105
105
 
106
106
  - name: Install uv
107
- uses: astral-sh/setup-uv@ed21f2f24f8dd64503750218de024bcf64c7250a # v7.1.5
107
+ uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
108
108
  with:
109
109
  enable-cache: true
110
110
 
{iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.github/workflows/codeql.yml RENAMED
@@ -29,15 +29,15 @@ jobs:
29
29
  uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
30
30
 
31
31
  - name: Initialize CodeQL
32
- uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
32
+ uses: github/codeql-action/init@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
33
33
  with:
34
34
  languages: ${{ matrix.language }}
35
35
  queries: security-extended,security-and-quality
36
36
 
37
37
  - name: Autobuild
38
- uses: github/codeql-action/autobuild@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
38
+ uses: github/codeql-action/autobuild@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
39
39
 
40
40
  - name: Perform CodeQL Analysis
41
- uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
41
+ uses: github/codeql-action/analyze@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
42
42
  with:
43
43
  category: "/language:${{matrix.language}}"
iam_policy_validator-1.15.0/.github/workflows/docs.yml ADDED
@@ -0,0 +1,82 @@
1
+ # Deploy documentation to GitHub Pages
2
+ # This workflow builds and deploys the MkDocs documentation site
3
+ name: Deploy Documentation
4
+
5
+ on:
6
+ push:
7
+ branches:
8
+ - main
9
+ paths:
10
+ - "docs/**"
11
+ - "mkdocs.yml"
12
+ - "iam_validator/**" # Rebuild on source changes for API docs
13
+ - ".github/workflows/docs.yml"
14
+ pull_request:
15
+ paths:
16
+ - "docs/**"
17
+ - "mkdocs.yml"
18
+ workflow_dispatch: # Allow manual trigger
19
+
20
+ # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
21
+ permissions:
22
+ contents: read
23
+ pages: write
24
+ id-token: write
25
+
26
+ # Allow only one concurrent deployment, skipping runs queued between the run in-progress and latest queued.
27
+ # However, do NOT cancel in-progress runs as we want to allow these production deployments to complete.
28
+ concurrency:
29
+ group: pages
30
+ cancel-in-progress: false
31
+
32
+ jobs:
33
+ # Build job
34
+ build:
35
+ runs-on: ubuntu-latest
36
+ steps:
37
+ # actions/checkout v6.0.1
38
+ - name: Checkout repository
39
+ uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
40
+ with:
41
+ fetch-depth: 0 # Fetch all history for git info
42
+
43
+ # actions/setup-python v5.6.0
44
+ - name: Set up Python
45
+ uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
46
+ with:
47
+ python-version: "3.12"
48
+ cache: "pip"
49
+
50
+ - name: Install dependencies
51
+ run: |
52
+ pip install --upgrade pip
53
+ pip install mkdocs-material mkdocstrings[python] mkdocs-gen-files mkdocs-literate-nav
54
+
55
+ - name: Build documentation
56
+ run: mkdocs build --strict
57
+
58
+ # actions/configure-pages v5.0.0
59
+ - name: Setup Pages
60
+ if: github.event_name == 'push' && github.ref == 'refs/heads/main'
61
+ uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0
62
+
63
+ # actions/upload-pages-artifact v3.0.1
64
+ - name: Upload artifact
65
+ if: github.event_name == 'push' && github.ref == 'refs/heads/main'
66
+ uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0
67
+ with:
68
+ path: ./site
69
+
70
+ # Deployment job
71
+ deploy:
72
+ if: github.event_name == 'push' && github.ref == 'refs/heads/main'
73
+ environment:
74
+ name: github-pages
75
+ url: ${{ steps.deployment.outputs.page_url }}
76
+ runs-on: ubuntu-latest
77
+ needs: build
78
+ steps:
79
+ # actions/deploy-pages v4.0.5
80
+ - name: Deploy to GitHub Pages
81
+ id: deployment
82
+ uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5
{iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.github/workflows/pre-release.yml RENAMED
@@ -80,7 +80,7 @@ jobs:
80
80
  python-version: ${{ inputs.python_version }}
81
81
 
82
82
  - name: Install uv
83
- uses: astral-sh/setup-uv@ed21f2f24f8dd64503750218de024bcf64c7250a # v7.1.5
83
+ uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
84
84
  with:
85
85
  enable-cache: true
86
86
 
{iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.github/workflows/release.yml RENAMED
@@ -31,7 +31,7 @@ jobs:
31
31
  python-version: ${{ env.PYTHON_VERSION }}
32
32
 
33
33
  - name: Install uv
34
- uses: astral-sh/setup-uv@ed21f2f24f8dd64503750218de024bcf64c7250a # v7.1.5
34
+ uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
35
35
  with:
36
36
  enable-cache: true
37
37
 
{iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.github/workflows/scorecard.yml RENAMED
@@ -48,7 +48,7 @@ jobs:
48
48
  # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
49
49
  # format to the repository Actions tab.
50
50
  - name: "Upload artifact"
51
- uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
51
+ uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
52
52
  with:
53
53
  name: SARIF file
54
54
  path: results.sarif
@@ -57,6 +57,6 @@ jobs:
57
57
  # Upload the results to GitHub's code scanning dashboard (optional).
58
58
  # Commenting out will disable upload of results to your repo's Code Scanning dashboard
59
59
  - name: "Upload to code-scanning"
60
- uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
60
+ uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
61
61
  with:
62
62
  sarif_file: results.sarif
{iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/.gitignore RENAMED
@@ -1,6 +1,3 @@
1
- # AI stuff
2
- .claude/
3
-
4
1
  # Cache
5
2
  .cache/
6
3
  *.cache
@@ -69,5 +66,24 @@ dmypy.json
69
66
  *.temp
70
67
  temp/
71
68
  tmp/
69
+
70
+ # Claude Code
72
71
  CLAUDE.md
73
72
  plan.md
73
+ .claude/
74
+
75
+ # uv
76
+ .python-version
77
+
78
+ # Coverage reports
79
+ coverage.xml
80
+ *.lcov
81
+
82
+ # Jupyter
83
+ .ipynb_checkpoints/
84
+
85
+ # AWS service definitions (download with: iam-validator download-services)
86
+ aws_services/
87
+
88
+ .mcp.json
89
+ .serena
iam_policy_validator-1.15.0/CHANGELOG.md ADDED
@@ -0,0 +1,323 @@
1
+ # Changelog
2
+
3
+ All notable changes to IAM Policy Validator are documented in this file.
4
+
5
+ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
6
+ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
7
+
8
+ ## [Unreleased]
9
+
10
+ ### Planned
11
+ - NotAction/NotResource validation support
12
+ - Enhanced PR comment management with configurable limits
13
+
14
+ ---
15
+
16
+ ## [1.14.7] - 2025-12-17
17
+
18
+ ### Added
19
+ - MkDocs documentation site deployed to GitHub Pages
20
+ - Comprehensive SDK API reference documentation
21
+
22
+ ### Fixed
23
+ - Correct repository name in all documentation links (iam-policy-auditor → iam-policy-validator)
24
+ - Fix SDK docstring formatting for proper mkdocstrings rendering
25
+ - Update PyPI metadata with correct documentation and changelog URLs
26
+
27
+ ---
28
+
29
+ ## [1.14.6] - 2025-12-15
30
+
31
+ ### Fixed
32
+ - Separate security findings from validity errors in PR comments
33
+ - Respect ignored findings when managing PR labels and review state
34
+
35
+ ---
36
+
37
+ ## [1.14.5] - 2025-12-15
38
+
39
+ ### Fixed
40
+ - Respect ignored findings when managing PR labels and review state
41
+
42
+ ---
43
+
44
+ ## [1.14.4] - 2025-12-12
45
+
46
+ ### Fixed
47
+ - Show pass status and list ignored findings in summary when all blocking issues are ignored
48
+
49
+ ---
50
+
51
+ ## [1.14.3] - 2025-12-12
52
+
53
+ ### Fixed
54
+ - Add pattern matching for service-specific condition keys with tag validation
55
+
56
+ ---
57
+
58
+ ## [1.14.2] - 2025-12-12
59
+
60
+ ### Fixed
61
+ - Use APPROVE review event when validation passes to dismiss REQUEST_CHANGES
62
+
63
+ ---
64
+
65
+ ## [1.14.1] - 2025-12-11
66
+
67
+ ### Fixed
68
+ - Enhanced SARIF formatter with dynamic rules and rich context
69
+ - Improved finding fingerprints for better PR comment deduplication
70
+
71
+ ### Changed
72
+ - Updated dependencies (setup-uv, actions/checkout, codeql-action)
73
+
74
+ ---
75
+
76
+ ## [1.14.0] - 2024-12-10
77
+
78
+ ### Added
79
+ - Enhanced PR comments with fingerprint-based matching
80
+ - Finding ignore system via PR comment replies
81
+ - Improved review comment deduplication
82
+
83
+ ### Changed
84
+ - Better production readiness for GitHub Action integration
85
+
86
+ ---
87
+
88
+ ## [1.13.1] - 2024-12
89
+
90
+ ### Fixed
91
+ - Bug fixes and stability improvements
92
+
93
+ ---
94
+
95
+ ## [1.13.0] - 2024-12
96
+
97
+ ### Added
98
+ - Query command for exploring AWS service definitions
99
+ - Shell completion support (bash, zsh, fish)
100
+
101
+ ---
102
+
103
+ ## [1.12.0] - 2024-11
104
+
105
+ ### Added
106
+ - Trust policy validation check
107
+ - Enhanced condition type mismatch detection
108
+
109
+ ### Changed
110
+ - Improved AWS service fetcher performance
111
+
112
+ ---
113
+
114
+ ## [1.11.0] - 2024-11
115
+
116
+ ### Added
117
+ - Action-resource matching validation
118
+ - Set operator validation for conditions (ForAllValues/ForAnyValue)
119
+
120
+ ### Changed
121
+ - Expanded sensitive actions database (490+ actions)
122
+
123
+ ---
124
+
125
+ ## [1.10.0] - 2024-10
126
+
127
+ ### Added
128
+ - MFA condition check for sensitive operations
129
+ - Condition key validation improvements
130
+
131
+ ### Changed
132
+ - Better error messages for validation failures
133
+
134
+ ---
135
+
136
+ ## [1.9.0] - 2024-10
137
+
138
+ ### Added
139
+ - GitHub PR review comments (inline comments on changed lines)
140
+ - Multiple output formats (JSON, SARIF, CSV, HTML, Markdown)
141
+
142
+ ---
143
+
144
+ ## [1.8.0] - 2024-09
145
+
146
+ ### Added
147
+ - AWS Access Analyzer integration
148
+ - Offline validation mode with pre-downloaded service definitions
149
+
150
+ ---
151
+
152
+ ## [1.7.0] - 2024-09
153
+
154
+ ### Added
155
+ - Custom checks support via `--custom-checks-dir`
156
+ - Configuration file support (`iam-validator.yaml`)
157
+
158
+ ### Changed
159
+ - Modular check architecture
160
+
161
+ ---
162
+
163
+ ## [1.6.0] - 2024-08
164
+
165
+ ### Added
166
+ - Service Control Policy (SCP) validation
167
+ - Principal validation for resource policies
168
+
169
+ ---
170
+
171
+ ## [1.5.0] - 2024-08
172
+
173
+ ### Added
174
+ - Modular Python configuration system (5-10x faster startup)
175
+ - Split security checks into individual modules:
176
+ - `wildcard_action` - Wildcard actions (Action: "*")
177
+ - `wildcard_resource` - Wildcard resources (Resource: "*")
178
+ - `service_wildcard` - Service-level wildcards (e.g., "s3:*")
179
+ - `sensitive_action` - Sensitive actions without conditions
180
+ - `full_wildcard` - Action:* + Resource:* (critical)
181
+ - GitHub Action RESOURCE_CONTROL_POLICY support
182
+ - GitHub Actions job summary output
183
+
184
+ ### Changed
185
+ - Comprehensive documentation overhaul
186
+
187
+ ---
188
+
189
+ ## [1.4.0] - 2024-07
190
+
191
+ ### Added
192
+ - Resource Control Policy (RCP) support with 8 validation checks
193
+ - Enhanced principal validation:
194
+ - Blocked principals (e.g., public access "*")
195
+ - Allowed principals whitelist
196
+ - Required conditions for specific principals
197
+ - Service principal validation
198
+ - SID format validation
199
+ - Policy type validation for all 4 policy types
200
+
201
+ ---
202
+
203
+ ## [1.3.0] - 2024-06
204
+
205
+ ### Added
206
+ - Modular Python configuration system
207
+ - Condition requirement templates
208
+ - Action condition enforcement check
209
+
210
+ ---
211
+
212
+ ## [1.2.0] - 2024-05
213
+
214
+ ### Added
215
+ - Smart IAM policy detection and filtering
216
+ - YAML policy support
217
+ - Streaming mode for large policy sets
218
+
219
+ ---
220
+
221
+ ## [1.1.0] - 2024-04
222
+
223
+ ### Added
224
+ - Split security checks into individual modules
225
+ - Configurable check system
226
+ - Per-check severity overrides
227
+
228
+ ---
229
+
230
+ ## [1.0.0] - 2024-03
231
+
232
+ ### Added
233
+ - Initial release
234
+ - Core IAM policy validation engine
235
+ - AWS service definition fetching with caching
236
+ - GitHub Action for CI/CD integration
237
+ - CLI tool with rich console output
238
+ - Python library API
239
+
240
+ ---
241
+
242
+ ## Versioning Policy
243
+
244
+ This project follows [Semantic Versioning](https://semver.org/):
245
+
246
+ - **MAJOR** (X.0.0): Breaking changes to CLI, configuration, or library API
247
+ - **MINOR** (0.X.0): New features, new checks, backwards-compatible enhancements
248
+ - **PATCH** (0.0.X): Bug fixes, documentation updates, dependency updates
249
+
250
+ ### Supported Versions
251
+
252
+ | Version | Support Status |
253
+ | ------- | --------------------- |
254
+ | 1.14.x | ✅ Active development |
255
+ | 1.13.x | ⚠️ Critical fixes only |
256
+ | < 1.13 | ❌ End of life |
257
+
258
+ ### Deprecation Policy
259
+
260
+ - Deprecated features are announced at least one minor version before removal
261
+ - Deprecated features emit warnings when used
262
+ - Breaking changes are documented in the MAJOR version release notes
263
+
264
+ ---
265
+
266
+ ## Migration Guides
267
+
268
+ ### Migrating to v1.5.0+
269
+
270
+ The modular configuration system introduced in v1.5.0 changed how checks are configured:
271
+
272
+ **Before (v1.4.x):**
273
+ ```yaml
274
+ checks:
275
+ wildcard: high
276
+ sensitive_actions: medium
277
+ ```
278
+
279
+ **After (v1.5.0+):**
280
+ ```yaml
281
+ wildcard_action:
282
+ enabled: true
283
+ severity: high
284
+
285
+ sensitive_action:
286
+ enabled: true
287
+ severity: medium
288
+ ```
289
+
290
+ ### Migrating to v1.4.0+
291
+
292
+ Resource Control Policy (RCP) support requires specifying policy type:
293
+
294
+ ```bash
295
+ # Explicit policy type for RCPs
296
+ iam-validator validate --policy-type RESOURCE_CONTROL_POLICY policies/
297
+ ```
298
+
299
+ ---
300
+
301
+ [Unreleased]: https://github.com/boogy/iam-policy-validator/compare/v1.14.6...HEAD
302
+ [1.14.6]: https://github.com/boogy/iam-policy-validator/compare/v1.14.5...v1.14.6
303
+ [1.14.5]: https://github.com/boogy/iam-policy-validator/compare/v1.14.4...v1.14.5
304
+ [1.14.4]: https://github.com/boogy/iam-policy-validator/compare/v1.14.3...v1.14.4
305
+ [1.14.3]: https://github.com/boogy/iam-policy-validator/compare/v1.14.2...v1.14.3
306
+ [1.14.2]: https://github.com/boogy/iam-policy-validator/compare/v1.14.1...v1.14.2
307
+ [1.14.1]: https://github.com/boogy/iam-policy-validator/compare/v1.14.0...v1.14.1
308
+ [1.14.0]: https://github.com/boogy/iam-policy-validator/compare/v1.13.1...v1.14.0
309
+ [1.13.1]: https://github.com/boogy/iam-policy-validator/compare/v1.13.0...v1.13.1
310
+ [1.13.0]: https://github.com/boogy/iam-policy-validator/compare/v1.12.0...v1.13.0
311
+ [1.12.0]: https://github.com/boogy/iam-policy-validator/compare/v1.11.0...v1.12.0
312
+ [1.11.0]: https://github.com/boogy/iam-policy-validator/compare/v1.10.0...v1.11.0
313
+ [1.10.0]: https://github.com/boogy/iam-policy-validator/compare/v1.9.0...v1.10.0
314
+ [1.9.0]: https://github.com/boogy/iam-policy-validator/compare/v1.8.0...v1.9.0
315
+ [1.8.0]: https://github.com/boogy/iam-policy-validator/compare/v1.7.0...v1.8.0
316
+ [1.7.0]: https://github.com/boogy/iam-policy-validator/compare/v1.6.0...v1.7.0
317
+ [1.6.0]: https://github.com/boogy/iam-policy-validator/compare/v1.5.0...v1.6.0
318
+ [1.5.0]: https://github.com/boogy/iam-policy-validator/compare/v1.4.0...v1.5.0
319
+ [1.4.0]: https://github.com/boogy/iam-policy-validator/compare/v1.3.0...v1.4.0
320
+ [1.3.0]: https://github.com/boogy/iam-policy-validator/compare/v1.2.0...v1.3.0
321
+ [1.2.0]: https://github.com/boogy/iam-policy-validator/compare/v1.1.0...v1.2.0
322
+ [1.1.0]: https://github.com/boogy/iam-policy-validator/compare/v1.0.0...v1.1.0
323
+ [1.0.0]: https://github.com/boogy/iam-policy-validator/releases/tag/v1.0.0
iam_policy_validator-1.15.0/CONTRIBUTING.md ADDED
@@ -0,0 +1,65 @@
1
+ # Contributing to IAM Policy Validator
2
+
3
+ Thank you for your interest in contributing! Full contribution documentation is available in the [docs/contributing/](docs/contributing/) directory.
4
+
5
+ ## Quick Start
6
+
7
+ ```bash
8
+ # Clone and setup
9
+ git clone https://github.com/boogy/iam-policy-validator.git
10
+ cd iam-policy-validator
11
+ uv sync --extra dev
12
+
13
+ # Run quality checks
14
+ make check
15
+
16
+ # Run tests
17
+ make test
18
+ ```
19
+
20
+ ## Development Workflow
21
+
22
+ 1. Fork and clone the repository
23
+ 2. Create a feature branch: `git checkout -b feature/your-feature`
24
+ 3. Make changes and add tests
25
+ 4. Run `make check` to verify
26
+ 5. Submit a pull request
27
+
28
+ ## Commit Convention
29
+
30
+ Follow [Conventional Commits](https://www.conventionalcommits.org/):
31
+
32
+ - `feat:` New feature
33
+ - `fix:` Bug fix
34
+ - `docs:` Documentation
35
+ - `refactor:` Code refactoring
36
+ - `test:` Test changes
37
+ - `chore:` Maintenance
38
+
39
+ ## Documentation
40
+
41
+ - [Development Setup](docs/contributing/development-setup.md) - Environment setup, dependencies
42
+ - [Testing Guide](docs/contributing/testing.md) - Running tests, writing tests
43
+ - [Releasing](docs/contributing/releasing.md) - Version bumps, publishing
44
+
45
+ ## Project Structure
46
+
47
+ ```
48
+ iam_validator/
49
+ ├── checks/ # Built-in validation checks (19)
50
+ ├── commands/ # CLI commands (7)
51
+ ├── core/ # Validation engine, models, formatters
52
+ ├── integrations/ # GitHub, MS Teams
53
+ └── sdk/ # Python SDK
54
+ ```
55
+
56
+ ## Adding New Features
57
+
58
+ - **New Check**: See [Custom Checks Guide](docs/developer-guide/custom-checks/)
59
+ - **New Command**: Add to `iam_validator/commands/`
60
+ - **New Formatter**: Add to `iam_validator/core/formatters/`
61
+
62
+ ## Getting Help
63
+
64
+ - [GitHub Issues](https://github.com/boogy/iam-policy-validator/issues)
65
+ - [GitHub Discussions](https://github.com/boogy/iam-policy-validator/discussions)
{iam_policy_validator-1.14.6 → iam_policy_validator-1.15.0}/Makefile RENAMED
@@ -1,4 +1,4 @@
1
- .PHONY: help install dev clean test lint format ruff type-check build publish publish-test version sync-defaults
1
+ .PHONY: help install dev clean test lint format ruff type-check build publish publish-test version sync-defaults docs docs-serve mcp-inspector
2
2
 
3
3
  # Default target
4
4
  help:
@@ -27,6 +27,13 @@ help:
27
27
  @echo "Examples:"
28
28
  @echo " make validate-example Run validator on example policies"
29
29
  @echo ""
30
+ @echo "Documentation:"
31
+ @echo " make docs Build documentation"
32
+ @echo " make docs-serve Serve documentation locally (http://localhost:8000)"
33
+ @echo ""
34
+ @echo "MCP Server:"
35
+ @echo " make mcp-inspector Start MCP Inspector for debugging"
36
+ @echo ""
30
37
  @echo "AWS Services Backup:"
31
38
  @echo " make download-aws-services Download all AWS service definitions"
32
39
 
@@ -121,3 +128,14 @@ download-aws-services:
121
128
  # CI/CD simulation
122
129
  ci: check build
123
130
  @echo "✓ CI checks complete!"
131
+
132
+ # Documentation
133
+ docs:
134
+ @uv run --extra docs mkdocs build
135
+
136
+ docs-serve:
137
+ @uv run --extra docs mkdocs serve -w docs/
138
+
139
+ # MCP Server debugging
140
+ mcp-inspector:
141
+ @npx @modelcontextprotocol/inspector uv run --directory $(CURDIR) --extra mcp iam-validator-mcp