iam-policy-validator 1.15.3__tar.gz → 1.15.5__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (373) hide show
  1. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/CHANGELOG.md +32 -0
  2. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/PKG-INFO +1 -1
  3. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/action.yaml +47 -1
  4. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/api-reference/models.md +21 -10
  5. iam_policy_validator-1.15.5/docs/api-reference/sdk.md +1101 -0
  6. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/developer-guide/sdk/quickstart.md +31 -10
  7. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/developer-guide/sdk/validation.md +22 -9
  8. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/getting-started/first-validation.md +4 -16
  9. iam_policy_validator-1.15.5/docs/includes/abbreviations.md +16 -0
  10. iam_policy_validator-1.15.5/docs/integrations/github-actions.md +541 -0
  11. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/integrations/mcp-server.md +23 -11
  12. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/integrations/pre-commit.md +4 -4
  13. iam_policy_validator-1.15.5/docs/user-guide/configuration.md +475 -0
  14. iam_policy_validator-1.15.5/docs/user-guide/output-formats.md +273 -0
  15. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/user-guide/troubleshooting.md +1 -0
  16. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/__version__.py +1 -1
  17. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/wildcard_resource.py +1 -1
  18. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/commands/completion.py +2 -4
  19. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/commands/query.py +0 -2
  20. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/sdk/context.py +4 -4
  21. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/sdk/shortcuts.py +1 -14
  22. iam_policy_validator-1.15.3/docs/api-reference/sdk.md +0 -534
  23. iam_policy_validator-1.15.3/docs/includes/abbreviations.md +0 -17
  24. iam_policy_validator-1.15.3/docs/integrations/github-actions.md +0 -135
  25. iam_policy_validator-1.15.3/docs/user-guide/configuration.md +0 -232
  26. iam_policy_validator-1.15.3/docs/user-guide/output-formats.md +0 -95
  27. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/.github/dependabot.yml +0 -0
  28. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/.github/workflows/ci.yml +0 -0
  29. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/.github/workflows/cleanup-prereleases.yml +0 -0
  30. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/.github/workflows/codeql.yml +0 -0
  31. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/.github/workflows/docs.yml +0 -0
  32. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/.github/workflows/pre-release.yml +0 -0
  33. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/.github/workflows/release.yml +0 -0
  34. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/.github/workflows/scorecard.yml +0 -0
  35. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/.gitignore +0 -0
  36. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/CONTRIBUTING.md +0 -0
  37. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/LICENSE +0 -0
  38. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/Makefile +0 -0
  39. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/README.md +0 -0
  40. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/SECURITY.md +0 -0
  41. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/api-reference/checks.md +0 -0
  42. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/api-reference/exceptions.md +0 -0
  43. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/api-reference/index.md +0 -0
  44. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/changelog.md +0 -0
  45. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/contributing/development-setup.md +0 -0
  46. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/contributing/index.md +0 -0
  47. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/contributing/releasing.md +0 -0
  48. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/contributing/testing.md +0 -0
  49. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/developer-guide/architecture.md +0 -0
  50. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/developer-guide/custom-checks/best-practices.md +0 -0
  51. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/developer-guide/custom-checks/examples.md +0 -0
  52. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/developer-guide/custom-checks/index.md +0 -0
  53. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/developer-guide/custom-checks/tutorial.md +0 -0
  54. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/developer-guide/index.md +0 -0
  55. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/developer-guide/sdk/advanced.md +0 -0
  56. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/developer-guide/sdk/index.md +0 -0
  57. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/developer-guide/sdk/policy-utilities.md +0 -0
  58. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/getting-started/index.md +0 -0
  59. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/getting-started/installation.md +0 -0
  60. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/getting-started/quickstart.md +0 -0
  61. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/index.md +0 -0
  62. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/integrations/gitlab-ci.md +0 -0
  63. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/integrations/index.md +0 -0
  64. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/stylesheets/extra.css +0 -0
  65. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/user-guide/checks/advanced-checks.md +0 -0
  66. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/user-guide/checks/aws-validation.md +0 -0
  67. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/user-guide/checks/index.md +0 -0
  68. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/user-guide/checks/security-checks.md +0 -0
  69. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/user-guide/cli-reference.md +0 -0
  70. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/user-guide/index.md +0 -0
  71. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/README.md +0 -0
  72. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/access-analyzer/example1.json +0 -0
  73. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/access-analyzer/example2.json +0 -0
  74. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/aws-service-definitions/iam.json +0 -0
  75. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/aws-service-definitions/s3.json +0 -0
  76. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/configs/full-reference-config.yaml +0 -0
  77. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/configs/github-labels-config.yaml +0 -0
  78. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/configs/minimal-validation-config.yaml +0 -0
  79. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/configs/offline-validation.yaml +0 -0
  80. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/configs/policy-level-condition-enforcement-config.yaml +0 -0
  81. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/configs/strict-security.yaml +0 -0
  82. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/custom_checks/cross_account_external_id_check.py +0 -0
  83. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/custom_checks/domain_restriction_check.py +0 -0
  84. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/github-actions/access-analyzer-only.yaml +0 -0
  85. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/github-actions/basic-validation.yaml +0 -0
  86. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/github-actions/custom-policy-checks.yaml +0 -0
  87. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/github-actions/multi-region-validation.yaml +0 -0
  88. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/github-actions/resource-policy-validation.yaml +0 -0
  89. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/github-actions/sarif-code-scanning.yaml +0 -0
  90. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/github-actions/sequential-validation.yaml +0 -0
  91. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/github-actions/two-step-validation.yaml +0 -0
  92. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/github-actions/validate-changed-files.yaml +0 -0
  93. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/allowed-wildcard-resource.json +0 -0
  94. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/api_gateway_management.json +0 -0
  95. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/athena_query_access.json +0 -0
  96. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/backup_vault_access.json +0 -0
  97. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/cloudformation_deployer.json +0 -0
  98. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/cloudwatch_monitoring.json +0 -0
  99. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/cognito_user_pool.json +0 -0
  100. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/dynamodb_table_access.json +0 -0
  101. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/ecs_task_execution.json +0 -0
  102. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/eventbridge_rules.json +0 -0
  103. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/glue_etl_jobs.json +0 -0
  104. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/insecure_policy.json +0 -0
  105. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/insecure_policy.yaml +0 -0
  106. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/invalid-resource-constraint.json +0 -0
  107. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/invalid-sid-special-chars.json +0 -0
  108. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/invalid-sid-with-spaces.json +0 -0
  109. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/invalid_policy.json +0 -0
  110. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/kms_encryption_keys.json +0 -0
  111. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/lambda_developer.json +0 -0
  112. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/lambda_developer.yaml +0 -0
  113. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/maximum_size_policy.json +0 -0
  114. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/policy_missing_required_tags.json +0 -0
  115. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/policy_tag_enforcement_example.json +0 -0
  116. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/policy_with_wildcard_resources.json +0 -0
  117. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/privilege_escalation_scattered.json +0 -0
  118. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/rds_database_admin.json +0 -0
  119. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/s3_bucket_access.yaml +0 -0
  120. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/sample_policy.json +0 -0
  121. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/sample_policy.yaml +0 -0
  122. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/secrets_manager_access.json +0 -0
  123. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/sensitive-action-wildcards.json +0 -0
  124. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/sns_sqs_messaging.json +0 -0
  125. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/step_functions_workflow.json +0 -0
  126. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/terraform-template-policy.json +0 -0
  127. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/test_none_of_valid.json +0 -0
  128. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/test_none_of_violations.json +0 -0
  129. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/valid-sid-formats.json +0 -0
  130. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/wildcard_examples.json +0 -0
  131. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/wildcard_examples.yaml +0 -0
  132. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/wrong-condition-key.json +0 -0
  133. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/identity-policies/wrong-s3-condition.json +0 -0
  134. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-control-policies/rcp-invalid-allow-effect.json +0 -0
  135. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-control-policies/rcp-invalid-not-action.json +0 -0
  136. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-control-policies/rcp-invalid-specific-principal.json +0 -0
  137. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-control-policies/rcp-invalid-unsupported-service.json +0 -0
  138. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-control-policies/rcp-invalid-wildcard-action.json +0 -0
  139. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-control-policies/rcp-valid-enforce-encryption.json +0 -0
  140. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/backup-vault-policy-org-access.json +0 -0
  141. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/ecr-repository-policy-org-restricted.json +0 -0
  142. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/ecr-repository-policy-public.json +0 -0
  143. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/efs-filesystem-policy-vpc-only.json +0 -0
  144. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/glacier-vault-policy-cross-account.json +0 -0
  145. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/kms-key-policy-cross-account.json +0 -0
  146. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/kms-key-policy-insecure.json +0 -0
  147. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/kms-key-policy-org-restricted.json +0 -0
  148. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/kms-key-policy-service-specific.json +0 -0
  149. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/lambda-permission-api-gateway.json +0 -0
  150. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/lambda-permission-cross-account-invoke.json +0 -0
  151. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/lambda-permission-eventbridge-multiple.json +0 -0
  152. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/lambda-permission-public-url.json +0 -0
  153. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/lambda-permission-s3-trigger.json +0 -0
  154. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/opensearch-domain-policy-ip-restricted.json +0 -0
  155. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/s3-bucket-policy-cloudfront.json +0 -0
  156. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/s3-bucket-policy-cross-account-org.json +0 -0
  157. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/s3-bucket-policy-insecure-transport.json +0 -0
  158. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/s3-bucket-policy-ip-restriction.json +0 -0
  159. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/s3-bucket-policy-public-with-conditions.json +0 -0
  160. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/s3-bucket-policy-public.json +0 -0
  161. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/s3-bucket-policy-specific-account.json +0 -0
  162. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/s3-bucket-policy-vpc-endpoint.json +0 -0
  163. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/s3-bucket-policy-wildcard-actions.json +0 -0
  164. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/secrets-manager-policy-cross-account.json +0 -0
  165. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/sns-topic-policy-cross-account-mfa.json +0 -0
  166. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/sns-topic-policy-cross-account.json +0 -0
  167. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/sns-topic-policy-eventbridge.json +0 -0
  168. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/sns-topic-policy-org-wide.json +0 -0
  169. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/sns-topic-policy-public-no-conditions.json +0 -0
  170. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/sqs-queue-policy-cross-account-role.json +0 -0
  171. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/sqs-queue-policy-iam-users-mfa.json +0 -0
  172. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/sqs-queue-policy-public.json +0 -0
  173. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/resource-policies/sqs-queue-policy-sns-subscription.json +0 -0
  174. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/service-control-policies/deny-root-account-usage.json +0 -0
  175. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/service-control-policies/require-mfa.json +0 -0
  176. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/service-control-policies/restrict-regions.json +0 -0
  177. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/wrong_actions_mismatch/correct-condition-wrong-key.json +0 -0
  178. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/wrong_actions_mismatch/dynamodb-wrong-resources.json +0 -0
  179. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/wrong_actions_mismatch/ec2-wrong-resources.json +0 -0
  180. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/wrong_actions_mismatch/iam-wrong-resources.json +0 -0
  181. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/wrong_actions_mismatch/lambda-wrong-resources.json +0 -0
  182. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/wrong_actions_mismatch/s3-wrong-resources.json +0 -0
  183. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/wrong_actions_mismatch/sqs-sns-wrong-resources.json +0 -0
  184. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/iam-test-policies/wrong_actions_mismatch/typo-condition-field.json +0 -0
  185. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/mcp-llm-instructions/README.md +0 -0
  186. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/mcp-llm-instructions/SYSTEM_PROMPT.md +0 -0
  187. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/mcp-llm-instructions/example_conversation.md +0 -0
  188. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/mcp-llm-instructions/organization_config.yaml +0 -0
  189. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/quick-start/lambda-policy.json +0 -0
  190. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/quick-start/s3-policy.json +0 -0
  191. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/quick-start/user-policy.json +0 -0
  192. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/trust-policies/INVALID-wrong-principal-type.json +0 -0
  193. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/trust-policies/cross-account-trust-policy.json +0 -0
  194. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/trust-policies/github-actions-oidc-trust-policy.json +0 -0
  195. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/trust-policies/lambda-service-role-trust-policy.json +0 -0
  196. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/examples/trust-policies/saml-federated-trust-policy.json +0 -0
  197. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/__init__.py +0 -0
  198. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/__main__.py +0 -0
  199. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/__init__.py +0 -0
  200. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/action_condition_enforcement.py +0 -0
  201. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/action_resource_matching.py +0 -0
  202. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/action_validation.py +0 -0
  203. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/condition_key_validation.py +0 -0
  204. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/condition_type_mismatch.py +0 -0
  205. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/full_wildcard.py +0 -0
  206. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/mfa_condition_check.py +0 -0
  207. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/not_action_not_resource.py +0 -0
  208. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/policy_size.py +0 -0
  209. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/policy_structure.py +0 -0
  210. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/policy_type_validation.py +0 -0
  211. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/principal_validation.py +0 -0
  212. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/resource_validation.py +0 -0
  213. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/sensitive_action.py +0 -0
  214. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/service_wildcard.py +0 -0
  215. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/set_operator_validation.py +0 -0
  216. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/sid_uniqueness.py +0 -0
  217. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/trust_policy_validation.py +0 -0
  218. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/utils/__init__.py +0 -0
  219. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/utils/action_parser.py +0 -0
  220. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/utils/policy_level_checks.py +0 -0
  221. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/utils/sensitive_action_matcher.py +0 -0
  222. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/utils/wildcard_expansion.py +0 -0
  223. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/checks/wildcard_action.py +0 -0
  224. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/commands/__init__.py +0 -0
  225. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/commands/analyze.py +0 -0
  226. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/commands/base.py +0 -0
  227. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/commands/cache.py +0 -0
  228. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/commands/download_services.py +0 -0
  229. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/commands/mcp.py +0 -0
  230. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/commands/post_to_pr.py +0 -0
  231. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/commands/validate.py +0 -0
  232. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/__init__.py +0 -0
  233. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/access_analyzer.py +0 -0
  234. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/access_analyzer_report.py +0 -0
  235. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/aws_fetcher.py +0 -0
  236. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/aws_service/__init__.py +0 -0
  237. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/aws_service/cache.py +0 -0
  238. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/aws_service/client.py +0 -0
  239. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/aws_service/fetcher.py +0 -0
  240. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/aws_service/parsers.py +0 -0
  241. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/aws_service/patterns.py +0 -0
  242. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/aws_service/storage.py +0 -0
  243. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/aws_service/validators.py +0 -0
  244. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/check_registry.py +0 -0
  245. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/cli.py +0 -0
  246. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/codeowners.py +0 -0
  247. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/condition_validators.py +0 -0
  248. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/config/__init__.py +0 -0
  249. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/config/aws_api.py +0 -0
  250. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/config/aws_global_conditions.py +0 -0
  251. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/config/category_suggestions.py +0 -0
  252. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/config/check_documentation.py +0 -0
  253. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/config/condition_requirements.py +0 -0
  254. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/config/config_loader.py +0 -0
  255. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/config/defaults.py +0 -0
  256. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/config/principal_requirements.py +0 -0
  257. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/config/sensitive_actions.py +0 -0
  258. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/config/service_principals.py +0 -0
  259. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/config/wildcards.py +0 -0
  260. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/constants.py +0 -0
  261. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/diff_parser.py +0 -0
  262. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/finding_fingerprint.py +0 -0
  263. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/formatters/__init__.py +0 -0
  264. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/formatters/base.py +0 -0
  265. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/formatters/console.py +0 -0
  266. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/formatters/csv.py +0 -0
  267. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/formatters/enhanced.py +0 -0
  268. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/formatters/html.py +0 -0
  269. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/formatters/json.py +0 -0
  270. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/formatters/markdown.py +0 -0
  271. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/formatters/sarif.py +0 -0
  272. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/ignore_patterns.py +0 -0
  273. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/ignore_processor.py +0 -0
  274. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/ignored_findings.py +0 -0
  275. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/label_manager.py +0 -0
  276. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/models.py +0 -0
  277. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/policy_checks.py +0 -0
  278. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/policy_loader.py +0 -0
  279. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/pr_commenter.py +0 -0
  280. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/core/report.py +0 -0
  281. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/integrations/__init__.py +0 -0
  282. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/integrations/github_integration.py +0 -0
  283. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/integrations/ms_teams.py +0 -0
  284. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/mcp/__init__.py +0 -0
  285. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/mcp/models.py +0 -0
  286. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/mcp/server.py +0 -0
  287. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/mcp/session_config.py +0 -0
  288. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/mcp/templates/__init__.py +0 -0
  289. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/mcp/templates/builtin.py +0 -0
  290. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/mcp/tools/__init__.py +0 -0
  291. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/mcp/tools/generation.py +0 -0
  292. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/mcp/tools/org_config_tools.py +0 -0
  293. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/mcp/tools/query.py +0 -0
  294. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/mcp/tools/validation.py +0 -0
  295. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/sdk/__init__.py +0 -0
  296. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/sdk/arn_matching.py +0 -0
  297. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/sdk/exceptions.py +0 -0
  298. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/sdk/helpers.py +0 -0
  299. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/sdk/policy_utils.py +0 -0
  300. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/sdk/query_utils.py +0 -0
  301. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/utils/__init__.py +0 -0
  302. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/utils/cache.py +0 -0
  303. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/utils/regex.py +0 -0
  304. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/iam_validator/utils/terminal.py +0 -0
  305. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/mkdocs.yml +0 -0
  306. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/pyproject.toml +0 -0
  307. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/README.md +0 -0
  308. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/__init__.py +0 -0
  309. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/__init__.py +0 -0
  310. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_action_validation_check.py +0 -0
  311. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_aws_global_conditions.py +0 -0
  312. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_condition_key_validation_check.py +0 -0
  313. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_condition_type_mismatch.py +0 -0
  314. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_custom_policy_checks.py +0 -0
  315. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_full_wildcard_check.py +0 -0
  316. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_mfa_condition_check.py +0 -0
  317. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_not_action_not_resource.py +0 -0
  318. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_policy_size_check.py +0 -0
  319. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_principal_validation_check.py +0 -0
  320. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_resource_validation_check.py +0 -0
  321. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_sensitive_action_filtering.py +0 -0
  322. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_sensitive_action_suggestions.py +0 -0
  323. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_sensitive_action_wildcard_expansion.py +0 -0
  324. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_service_principal_wildcard.py +0 -0
  325. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_service_wildcard_check.py +0 -0
  326. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_sid_uniqueness_check.py +0 -0
  327. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_wildcard_action_check.py +0 -0
  328. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/checks/test_wildcard_resource_check.py +0 -0
  329. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/commands/__init__.py +0 -0
  330. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/commands/test_completion_command.py +0 -0
  331. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/commands/test_query_command.py +0 -0
  332. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/config/__init__.py +0 -0
  333. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/config/test_config_loader.py +0 -0
  334. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/__init__.py +0 -0
  335. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_action_condition_enforcement.py +0 -0
  336. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_action_condition_enforcement_policy_level.py +0 -0
  337. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_action_resource_matching.py +0 -0
  338. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_aws_api_config.py +0 -0
  339. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_aws_fetcher_wildcards.py +0 -0
  340. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_check_id_in_comments.py +0 -0
  341. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_check_id_injection.py +0 -0
  342. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_check_registry.py +0 -0
  343. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_codeowners.py +0 -0
  344. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_comment_truncation.py +0 -0
  345. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_diff_parser.py +0 -0
  346. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_finding_fingerprint.py +0 -0
  347. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_ignore_patterns.py +0 -0
  348. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_ignored_findings.py +0 -0
  349. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_models.py +0 -0
  350. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_multipart_comments.py +0 -0
  351. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_policy_loader.py +0 -0
  352. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_policy_type_validation.py +0 -0
  353. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_pr_commenter_diff_filtering.py +0 -0
  354. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_regex_utils.py +0 -0
  355. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_set_operator_validation.py +0 -0
  356. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_trust_policy_detection.py +0 -0
  357. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_trust_policy_multiple_statements.py +0 -0
  358. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_trust_policy_oidc_aud_required.py +0 -0
  359. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/core/test_trust_policy_validation.py +0 -0
  360. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/integrations/__init__.py +0 -0
  361. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/integrations/test_comment_deduplication.py +0 -0
  362. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/integrations/test_github_pagination.py +0 -0
  363. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/integrations/test_label_manager.py +0 -0
  364. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/mcp/__init__.py +0 -0
  365. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/mcp/conftest.py +0 -0
  366. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/mcp/test_custom_instructions.py +0 -0
  367. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/mcp/test_generation_tools.py +0 -0
  368. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/mcp/test_org_config.py +0 -0
  369. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/mcp/test_query_tools.py +0 -0
  370. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/mcp/test_server_integration.py +0 -0
  371. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/mcp/test_templates.py +0 -0
  372. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/tests/mcp/test_validation_tools.py +0 -0
  373. {iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/uv.lock +0 -0
{iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/CHANGELOG.md RENAMED
@@ -13,6 +13,38 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
13
13
 
14
14
  ---
15
15
 
16
+ ## [1.15.4] - 2025-01-27
17
+
18
+ ### Fixed
19
+
20
+ **Code Quality Improvements**
21
+
22
+ - Remove duplicate `asyncio` import in query command (CodeQL: py/repeated-import)
23
+ - Fix unused `action_list` variable in wildcard resource check (CodeQL: py/unused-local-variable)
24
+ - Now includes the action list in error messages for better context
25
+
26
+ ---
27
+
28
+ ## [1.15.3] - 2025-01-27
29
+
30
+ ### Added
31
+
32
+ **Enhanced NotAction/NotResource Detection**
33
+
34
+ - New **critical** severity check for combined `NotAction` + `NotResource` with `Allow` effect
35
+ - Detects near-administrator access patterns that grant all actions except a few on all resources except a few
36
+ - Example: `{"Effect": "Allow", "NotAction": ["iam:DeleteUser"], "NotResource": ["arn:aws:s3:::bucket/*"]}`
37
+ - Improved message formatting with markdown backticks for better GitHub PR comment rendering
38
+
39
+ **MFA Condition Anti-Pattern Detection**
40
+
41
+ - Detect `BoolIfExists` with `aws:MultiFactorAuthPresent = false` (**high** severity)
42
+ - More dangerous than `Bool` because it also matches when the key is missing entirely
43
+ - Detect `Null` with `aws:MultiFactorAuthPresent = true` (warning)
44
+ - Checks if key doesn't exist, meaning no MFA was provided in the request context
45
+
46
+ ---
47
+
16
48
  ## [1.15.2] - 2025-01-26
17
49
 
18
50
  ### Added
{iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: iam-policy-validator
3
- Version: 1.15.3
3
+ Version: 1.15.5
4
4
  Summary: Validate AWS IAM policies for correctness and security using AWS Service Reference API
5
5
  Project-URL: Homepage, https://github.com/boogy/iam-policy-validator
6
6
  Project-URL: Documentation, https://boogy.github.io/iam-policy-validator
{iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/action.yaml RENAMED
@@ -56,11 +56,36 @@ inputs:
56
56
  required: false
57
57
  default: ""
58
58
 
59
+ upload-sarif:
60
+ description: "Upload SARIF results to GitHub Code Scanning (requires format: sarif and output-file to be set)"
61
+ required: false
62
+ default: "false"
63
+
59
64
  recursive:
60
65
  description: "Recursively search directories for policy files"
61
66
  required: false
62
67
  default: "true"
63
68
 
69
+ stream:
70
+ description: "Process files one-by-one (memory efficient for large repos with many policies)"
71
+ required: false
72
+ default: "false"
73
+
74
+ batch-size:
75
+ description: "Number of policies to process per batch when streaming (default: 10)"
76
+ required: false
77
+ default: "10"
78
+
79
+ summary:
80
+ description: "Show Executive Summary section in enhanced format output"
81
+ required: false
82
+ default: "false"
83
+
84
+ severity-breakdown:
85
+ description: "Show Issue Severity Breakdown section in enhanced format output"
86
+ required: false
87
+ default: "false"
88
+
64
89
  use-access-analyzer:
65
90
  description: "Use AWS IAM Access Analyzer for validation (requires AWS credentials)"
66
91
  required: false
@@ -72,7 +97,7 @@ inputs:
72
97
  default: "us-east-1"
73
98
 
74
99
  policy-type:
75
- description: "Policy type for Access Analyzer (IDENTITY_POLICY, RESOURCE_POLICY, SERVICE_CONTROL_POLICY, RESOURCE_CONTROL_POLICY)"
100
+ description: "Policy type (IDENTITY_POLICY, RESOURCE_POLICY, TRUST_POLICY, SERVICE_CONTROL_POLICY, RESOURCE_CONTROL_POLICY)"
76
101
  required: false
77
102
  default: "IDENTITY_POLICY"
78
103
 
@@ -388,6 +413,20 @@ runs:
388
413
  ARGS="$ARGS --no-recursive"
389
414
  fi
390
415
 
416
+ # Add streaming mode flags
417
+ if [ "${{ inputs.stream }}" = "true" ]; then
418
+ ARGS="$ARGS --stream --batch-size ${{ inputs.batch-size }}"
419
+ fi
420
+
421
+ # Add enhanced output flags
422
+ if [ "${{ inputs.summary }}" = "true" ]; then
423
+ ARGS="$ARGS --summary"
424
+ fi
425
+
426
+ if [ "${{ inputs.severity-breakdown }}" = "true" ]; then
427
+ ARGS="$ARGS --severity-breakdown"
428
+ fi
429
+
391
430
  # Add fail-on-warnings flag
392
431
  if [ "${{ inputs.fail-on-warnings }}" = "true" ]; then
393
432
  ARGS="$ARGS --fail-on-warnings"
@@ -526,3 +565,10 @@ runs:
526
565
  name: iam-policy-validation-report
527
566
  path: ${{ github.workspace }}/${{ inputs.output-file }}
528
567
  retention-days: 30
568
+
569
+ - name: Upload SARIF to GitHub Code Scanning
570
+ if: always() && inputs.upload-sarif == 'true' && inputs.format == 'sarif' && inputs.output-file != ''
571
+ uses: github/codeql-action/upload-sarif@e6985fd516cce3b1a0e8db34a4013d2e50a1e252 # v4.32.0
572
+ with:
573
+ sarif_file: ${{ github.workspace }}/${{ inputs.output-file }}
574
+ category: iam-policy-validation
{iam_policy_validator-1.15.3 → iam_policy_validator-1.15.5}/docs/api-reference/models.md RENAMED
@@ -43,19 +43,30 @@ Represents a validation issue found in a policy.
43
43
 
44
44
  ```python
45
45
  class ValidationIssue(BaseModel):
46
+ # Core fields
46
47
  severity: str # error, warning, critical, high, medium, low
47
48
  statement_index: int # Statement number (0-based)
48
- issue_type: str # Issue category
49
+ issue_type: str # Issue category (e.g., "invalid_action", "overly_permissive")
49
50
  message: str # Human-readable description
50
- check_id: str | None # Check that found this
51
- statement_sid: str | None # Statement ID
52
- action: str | None # Action involved
53
- resource: str | None # Resource involved
54
- condition_key: str | None # Condition key involved
55
- suggestion: str | None # How to fix
56
- example: str | None # Code example
57
- line_number: int | None # Line in source file
58
- field_name: str | None # Field name (action, resource, etc.)
51
+ check_id: str | None # Check that found this (e.g., "wildcard_action")
52
+ statement_sid: str | None # Statement ID if present
53
+
54
+ # Context fields
55
+ action: str | None # Action involved in the issue
56
+ resource: str | None # Resource involved in the issue
57
+ condition_key: str | None # Condition key involved in the issue
58
+ field_name: str | None # Field name: "action", "resource", "condition", "principal", "effect", "sid"
59
+ line_number: int | None # Line number in source file
60
+
61
+ # Guidance fields
62
+ suggestion: str | None # How to fix the issue
63
+ example: str | None # Code example (JSON/YAML)
64
+
65
+ # Enhanced finding quality fields
66
+ risk_explanation: str | None # Why this is a security risk
67
+ documentation_url: str | None # Link to AWS docs or runbook
68
+ remediation_steps: list[str] | None # Step-by-step fix guidance
69
+ risk_category: str | None # Category: "privilege_escalation", "data_exfiltration", etc.
59
70
  ```
60
71
 
61
72
  ## PolicyValidationResult