iam-policy-validator 1.7.0__tar.gz → 1.7.1__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/.github/workflows/ci.yml +6 -4
- iam_policy_validator-1.7.1/.github/workflows/cleanup-prereleases.yml +160 -0
- iam_policy_validator-1.7.1/.github/workflows/codeql.yml +43 -0
- iam_policy_validator-1.7.1/.github/workflows/pre-release.yml +239 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/.github/workflows/release.yml +6 -5
- iam_policy_validator-1.7.1/.github/workflows/scorecard.yml +62 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/.gitignore +1 -0
- iam_policy_validator-1.7.1/PKG-INFO +429 -0
- iam_policy_validator-1.7.1/README.md +387 -0
- iam_policy_validator-1.7.1/SECURITY.md +302 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/action.yaml +2 -2
- iam_policy_validator-1.7.1/docs/development/pre-release-guide.md +371 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/__version__.py +1 -1
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/action_condition_enforcement.py +2 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/utils/sensitive_action_matcher.py +1 -2
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/utils/wildcard_expansion.py +1 -2
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/utils/regex.py +7 -8
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/pyproject.toml +1 -1
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_regex_utils.py +0 -1
- iam_policy_validator-1.7.0/PKG-INFO +0 -1057
- iam_policy_validator-1.7.0/README.md +0 -1015
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/.github/dependabot.yml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/.python-version +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/CONTRIBUTING.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/DOCS.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/LICENSE +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/Makefile +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/_manifest.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/_services.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/a2c.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/a4b.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/access-analyzer.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/account.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/acm-pca.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/acm.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/action-recommendations.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/activate.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/aiops.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/airflow.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/amplify.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/amplifybackend.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/amplifyuibuilder.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/aoss.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/apigateway.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/app-integrations.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/appconfig.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/appfabric.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/appflow.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/application-autoscaling.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/application-signals.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/application-transformation.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/applicationinsights.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/appmesh-preview.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/appmesh.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/apprunner.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/appstream.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/appstudio.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/appsync.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/apptest.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/aps.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/arc-region-switch.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/arc-zonal-shift.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/arsenal.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/artifact.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/athena.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/auditmanager.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/autoscaling-plans.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/autoscaling.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/aws-marketplace-management.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/aws-marketplace.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/aws-portal.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/awsconnector.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/b2bi.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/backup-gateway.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/backup-search.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/backup-storage.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/backup.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/batch.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/bcm-dashboards.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/bcm-data-exports.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/bcm-pricing-calculator.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/bcm-recommended-actions.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/bedrock-agentcore.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/bedrock.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/billing.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/billingconductor.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/braket.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/budgets.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/bugbust.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cases.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cassandra.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ce.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/chatbot.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/chime.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cleanrooms-ml.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cleanrooms.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cloud9.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/clouddirectory.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cloudformation.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cloudfront-keyvaluestore.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cloudfront.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cloudhsm.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cloudsearch.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cloudshell.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cloudtrail-data.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cloudtrail.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cloudwatch.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codeartifact.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codebuild.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codecatalyst.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codecommit.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codeconnections.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codedeploy-commands-secure.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codedeploy.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codeguru-profiler.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codeguru-reviewer.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codeguru-security.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codeguru.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codepipeline.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codestar-connections.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codestar-notifications.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codestar.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/codewhisperer.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cognito-identity.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cognito-idp.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cognito-sync.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/comprehend.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/comprehendmedical.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/compute-optimizer.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/config.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/connect-campaigns.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/connect.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/consoleapp.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/consolidatedbilling.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/controlcatalog.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/controltower.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cost-optimization-hub.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/cur.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/customer-verification.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/databrew.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/dataexchange.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/datapipeline.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/datasync.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/datazone.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/dax.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/dbqms.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/deadline.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/deepcomposer.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/deepracer.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/detective.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/devicefarm.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/devops-guru.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/directconnect.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/discovery.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/dlm.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/dms.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/docdb-elastic.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/drs.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ds-data.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ds.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/dsql.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/dynamodb.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ebs.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ec2-instance-connect.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ec2.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ec2messages.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ecr-public.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ecr.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ecs.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/eks-auth.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/eks.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/elasticache.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/elasticbeanstalk.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/elasticfilesystem.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/elasticloadbalancing.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/elasticmapreduce.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/elastictranscoder.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/elemental-activations.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/elemental-appliances-software.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/elemental-support-cases.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/elemental-support-content.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/emr-containers.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/emr-serverless.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/entityresolution.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/es.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/events.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/evidently.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/evs.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/execute-api.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/finspace-api.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/finspace.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/firehose.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/fis.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/fms.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/forecast.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/frauddetector.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/freertos.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/freetier.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/fsx.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/gamelift.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/gameliftstreams.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/geo-maps.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/geo-places.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/geo-routes.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/geo.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/glacier.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/globalaccelerator.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/glue.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/grafana.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/greengrass.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/groundstation.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/groundtruthlabeling.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/guardduty.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/health.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/healthlake.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/honeycode.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iam.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/identity-sync.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/identitystore-auth.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/identitystore.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/imagebuilder.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/importexport.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/inspector-scan.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/inspector.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/inspector2.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/internetmonitor.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/invoicing.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iot-device-tester.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iot.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iotanalytics.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iotdeviceadvisor.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iotevents.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iotfleethub.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iotfleetwise.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iotjobsdata.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iotmanagedintegrations.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iotsitewise.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iottwinmaker.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iotwireless.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iq-permission.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/iq.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ivs.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ivschat.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/kafka-cluster.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/kafka.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/kafkaconnect.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/kendra-ranking.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/kendra.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/kinesis.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/kinesisanalytics.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/kinesisvideo.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/kms.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/lakeformation.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/lambda.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/launchwizard.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/lex.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/license-manager-linux-subscriptions.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/license-manager-user-subscriptions.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/license-manager.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/lightsail.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/logs.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/lookoutequipment.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/lookoutmetrics.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/lookoutvision.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/m2.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/machinelearning.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/macie2.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/managedblockchain-query.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/managedblockchain.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mapcredits.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/marketplacecommerceanalytics.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mechanicalturk.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mediaconnect.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mediaconvert.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mediaimport.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/medialive.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mediapackage-vod.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mediapackage.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mediapackagev2.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mediastore.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mediatailor.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/medical-imaging.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/memorydb.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mgh.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mgn.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/migrationhub-orchestrator.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/migrationhub-strategy.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mobileanalytics.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mobiletargeting.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/monitron.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mpa.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/mq.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/neptune-db.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/neptune-graph.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/network-firewall.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/network-security-director.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/networkflowmonitor.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/networkmanager-chat.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/networkmanager.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/networkmonitor.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/nimble.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/notifications-contacts.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/notifications.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/oam.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/observabilityadmin.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/odb.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/omics.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/one.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/opensearch.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/opsworks-cm.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/opsworks.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/organizations.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/osis.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/outposts.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/panorama.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/partnercentral-account-management.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/partnercentral.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/payment-cryptography.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/payments.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/pca-connector-ad.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/pca-connector-scep.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/pcs.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/personalize.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/pi.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/pipes.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/polly.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/pricing.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/private-networks.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/profile.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/proton.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/purchase-orders.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/q.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/qapps.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/qbusiness.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/qdeveloper.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/qldb.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/quicksight.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ram.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/rbin.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/rds-data.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/rds-db.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/rds.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/redshift-data.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/redshift-serverless.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/redshift.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/refactor-spaces.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/rekognition.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/repostspace.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/resiliencehub.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/resource-explorer-2.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/resource-explorer.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/resource-groups.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/rhelkb.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/robomaker.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/rolesanywhere.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/route53-recovery-cluster.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/route53-recovery-control-config.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/route53-recovery-readiness.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/route53.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/route53domains.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/route53profiles.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/route53resolver.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/rtbfabric.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/rum.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/s3-object-lambda.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/s3-outposts.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/s3.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/s3express.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/s3tables.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/s3vectors.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sagemaker-data-science-assistant.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sagemaker-geospatial.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sagemaker-mlflow.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sagemaker.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/savingsplans.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/scheduler.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/schemas.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/scn.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sdb.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/secretsmanager.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/security-ir.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/securityhub.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/securitylake.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/serverlessrepo.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/servicecatalog.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/servicediscovery.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/serviceextract.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/servicequotas.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ses.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/shield.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/signer.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/signin.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/simspaceweaver.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sms-voice.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sms.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/snow-device-management.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/snowball.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sns.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/social-messaging.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sqlworkbench.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sqs.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ssm-contacts.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ssm-guiconnect.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ssm-incidents.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ssm-quicksetup.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ssm-sap.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ssm.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ssmmessages.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sso-directory.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sso-oauth.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sso.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/states.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/storagegateway.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sts.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/support-console.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/support.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/supportapp.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/supportplans.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/sustainability.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/swf.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/synthetics.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/tag.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/tax.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/textract.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/thinclient.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/timestream-influxdb.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/timestream.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/tiros.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/tnb.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/transcribe.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/transfer.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/transform.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/translate.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/trustedadvisor.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/ts.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/user-subscriptions.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/uxc.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/vendor-insights.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/verified-access.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/verifiedpermissions.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/voiceid.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/vpc-lattice-svcs.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/vpc-lattice.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/vpce.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/waf-regional.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/waf.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/wafv2.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/wam.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/wellarchitected.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/wickr.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/wisdom.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/workdocs.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/worklink.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/workmail.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/workmailmessageflow.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/workspaces-instances.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/workspaces-web.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/workspaces.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/aws_services/xray.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/CHECKS.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/README.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/ROADMAP.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/SDK.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/aws-api-configuration.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/aws-services-backup.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/check-reference.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/condition-requirements.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/configuration.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/custom-checks.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/development/PUBLISHING.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/github-actions-examples.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/github-actions-workflows.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/modular-configuration.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/privilege-escalation.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/python-library-usage.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/docs/smart-filtering.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/README.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/access-analyzer/example1.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/access-analyzer/example2.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/README.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/basic-config.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/ci-cd-config.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/development-config.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/full-reference-config.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/minimal-validation-config.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/offline-validation.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/policy-level-condition-enforcement-config.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/principal-condition-enforcement.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/principal-validation-public-with-conditions.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/principal-validation-relaxed.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/principal-validation-strict.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/privilege-escalation-focus-config.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/resource-policy-config.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/security-audit-config.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/configs/strict-security.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/custom_checks/README.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/custom_checks/advanced_multi_condition_validator.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/custom_checks/cross_account_external_id_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/custom_checks/domain_restriction_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/custom_checks/encryption_required_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/custom_checks/mfa_required_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/custom_checks/region_restriction_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/custom_checks/tag_enforcement_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/custom_checks/time_based_access_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/github-actions/README.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/github-actions/access-analyzer-only.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/github-actions/basic-validation.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/github-actions/custom-policy-checks.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/github-actions/multi-region-validation.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/github-actions/resource-policy-validation.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/github-actions/sarif-code-scanning.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/github-actions/sequential-validation.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/github-actions/two-step-validation.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/github-actions/validate-changed-files.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/README.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/allowed-wildcard-resource.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/api_gateway_management.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/athena_query_access.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/backup_vault_access.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/cloudformation_deployer.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/cloudwatch_monitoring.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/cognito_user_pool.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/dynamodb_table_access.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/ecs_task_execution.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/eventbridge_rules.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/glue_etl_jobs.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/insecure_policy.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/insecure_policy.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/invalid-resource-constraint.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/invalid-sid-special-chars.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/invalid-sid-with-spaces.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/invalid_policy.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/kms_encryption_keys.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/lambda_developer.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/lambda_developer.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/maximum_size_policy.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/policy_missing_required_tags.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/policy_tag_enforcement_example.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/policy_with_wildcard_resources.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/privilege_escalation_scattered.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/rds_database_admin.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/s3_bucket_access.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/sample_policy.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/sample_policy.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/secrets_manager_access.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/sensitive-action-wildcards.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/sns_sqs_messaging.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/step_functions_workflow.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/test_none_of_valid.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/test_none_of_violations.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/valid-sid-formats.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/wildcard_examples.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/wildcard_examples.yaml +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/wrong-condition-key.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/identity-policies/wrong-s3-condition.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-control-policies/rcp-invalid-allow-effect.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-control-policies/rcp-invalid-not-action.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-control-policies/rcp-invalid-specific-principal.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-control-policies/rcp-invalid-unsupported-service.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-control-policies/rcp-invalid-wildcard-action.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-control-policies/rcp-valid-enforce-encryption.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/README.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/backup-vault-policy-org-access.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/ecr-repository-policy-org-restricted.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/ecr-repository-policy-public.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/efs-filesystem-policy-vpc-only.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/glacier-vault-policy-cross-account.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/kms-key-policy-cross-account.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/kms-key-policy-insecure.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/kms-key-policy-org-restricted.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/kms-key-policy-service-specific.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/lambda-permission-api-gateway.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/lambda-permission-cross-account-invoke.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/lambda-permission-eventbridge-multiple.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/lambda-permission-public-url.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/lambda-permission-s3-trigger.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/opensearch-domain-policy-ip-restricted.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/s3-bucket-policy-cloudfront.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/s3-bucket-policy-cross-account-org.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/s3-bucket-policy-insecure-transport.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/s3-bucket-policy-ip-restriction.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/s3-bucket-policy-public-with-conditions.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/s3-bucket-policy-public.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/s3-bucket-policy-specific-account.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/s3-bucket-policy-vpc-endpoint.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/s3-bucket-policy-wildcard-actions.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/secrets-manager-policy-cross-account.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/sns-topic-policy-cross-account-mfa.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/sns-topic-policy-cross-account.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/sns-topic-policy-eventbridge.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/sns-topic-policy-org-wide.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/sns-topic-policy-public-no-conditions.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/sqs-queue-policy-cross-account-role.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/sqs-queue-policy-iam-users-mfa.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/sqs-queue-policy-public.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/resource-policies/sqs-queue-policy-sns-subscription.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/service-control-policies/deny-root-account-usage.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/service-control-policies/require-mfa.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/service-control-policies/restrict-regions.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/wrong_actions_mismatch/README.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/wrong_actions_mismatch/dynamodb-wrong-resources.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/wrong_actions_mismatch/ec2-wrong-resources.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/wrong_actions_mismatch/iam-wrong-resources.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/wrong_actions_mismatch/lambda-wrong-resources.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/wrong_actions_mismatch/s3-wrong-resources.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/iam-test-policies/wrong_actions_mismatch/sqs-sns-wrong-resources.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/library-usage/README.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/library-usage/example1_basic_usage.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/library-usage/example1_basic_usage_new.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/library-usage/example2_config_file.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/library-usage/example2_context_manager.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/library-usage/example3_policy_manipulation.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/library-usage/example3_programmatic_config.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/library-usage/example4_custom_condition_requirements.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/library-usage/policies/my-policy.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/library-usage/policies/policy1.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/library-usage/policies/policy2.json +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/examples/library-usage/quick_reference.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/__init__.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/__main__.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/__init__.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/action_resource_matching.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/action_validation.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/condition_key_validation.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/condition_type_mismatch.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/full_wildcard.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/mfa_condition_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/policy_size.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/policy_type_validation.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/principal_validation.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/resource_validation.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/sensitive_action.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/service_wildcard.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/set_operator_validation.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/sid_uniqueness.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/utils/__init__.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/utils/policy_level_checks.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/wildcard_action.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/checks/wildcard_resource.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/commands/__init__.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/commands/analyze.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/commands/base.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/commands/cache.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/commands/download_services.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/commands/post_to_pr.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/commands/validate.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/__init__.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/access_analyzer.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/access_analyzer_report.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/aws_fetcher.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/check_registry.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/cli.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/condition_validators.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/config/__init__.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/config/aws_api.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/config/aws_global_conditions.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/config/category_suggestions.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/config/condition_requirements.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/config/config_loader.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/config/defaults.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/config/principal_requirements.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/config/sensitive_actions.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/config/service_principals.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/config/wildcards.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/constants.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/formatters/__init__.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/formatters/base.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/formatters/console.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/formatters/csv.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/formatters/enhanced.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/formatters/html.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/formatters/json.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/formatters/markdown.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/formatters/sarif.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/models.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/policy_checks.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/policy_loader.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/pr_commenter.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/core/report.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/integrations/__init__.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/integrations/github_integration.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/integrations/ms_teams.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/sdk/__init__.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/sdk/arn_matching.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/sdk/context.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/sdk/exceptions.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/sdk/helpers.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/sdk/policy_utils.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/sdk/shortcuts.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/utils/__init__.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/iam_validator/utils/cache.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/scripts/download_aws_services.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/scripts/sync_defaults_from_yaml.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/README.md +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/__init__.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_action_condition_enforcement.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_action_condition_enforcement_policy_level.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_action_resource_matching.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_action_validation_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_aws_api_config.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_aws_fetcher_wildcards.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_aws_global_conditions.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_check_registry.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_comment_truncation.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_condition_key_validation_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_condition_type_mismatch.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_config_loader.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_custom_policy_checks.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_full_wildcard_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_mfa_condition_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_models.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_multipart_comments.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_policy_loader.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_policy_size_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_policy_type_validation.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_principal_validation_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_resource_validation_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_sensitive_action_wildcard_expansion.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_service_wildcard_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_set_operator_validation.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_sid_uniqueness_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_wildcard_action_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/tests/test_wildcard_resource_check.py +0 -0
- {iam_policy_validator-1.7.0 → iam_policy_validator-1.7.1}/uv.lock +0 -0
|
@@ -7,6 +7,8 @@ on:
|
|
|
7
7
|
branches: [main, develop]
|
|
8
8
|
workflow_dispatch:
|
|
9
9
|
|
|
10
|
+
permissions: read-all
|
|
11
|
+
|
|
10
12
|
env:
|
|
11
13
|
DEFAULT_PYTHON_VERSION: "3.13"
|
|
12
14
|
|
|
@@ -24,7 +26,7 @@ jobs:
|
|
|
24
26
|
python-version: "${{ env.DEFAULT_PYTHON_VERSION }}"
|
|
25
27
|
|
|
26
28
|
- name: Install uv
|
|
27
|
-
uses: astral-sh/setup-uv@
|
|
29
|
+
uses: astral-sh/setup-uv@5a7eac68fb9809dea845d802897dc5c723910fa3 # v7
|
|
28
30
|
with:
|
|
29
31
|
enable-cache: true
|
|
30
32
|
|
|
@@ -54,7 +56,7 @@ jobs:
|
|
|
54
56
|
python-version: ${{ matrix.python-version }}
|
|
55
57
|
|
|
56
58
|
- name: Install uv
|
|
57
|
-
uses: astral-sh/setup-uv@
|
|
59
|
+
uses: astral-sh/setup-uv@5a7eac68fb9809dea845d802897dc5c723910fa3 # v7
|
|
58
60
|
with:
|
|
59
61
|
enable-cache: true
|
|
60
62
|
|
|
@@ -78,7 +80,7 @@ jobs:
|
|
|
78
80
|
python-version: "${{ env.DEFAULT_PYTHON_VERSION }}"
|
|
79
81
|
|
|
80
82
|
- name: Install uv
|
|
81
|
-
uses: astral-sh/setup-uv@
|
|
83
|
+
uses: astral-sh/setup-uv@5a7eac68fb9809dea845d802897dc5c723910fa3 # v7
|
|
82
84
|
with:
|
|
83
85
|
enable-cache: true
|
|
84
86
|
|
|
@@ -102,7 +104,7 @@ jobs:
|
|
|
102
104
|
python-version: "${{ env.DEFAULT_PYTHON_VERSION }}"
|
|
103
105
|
|
|
104
106
|
- name: Install uv
|
|
105
|
-
uses: astral-sh/setup-uv@
|
|
107
|
+
uses: astral-sh/setup-uv@5a7eac68fb9809dea845d802897dc5c723910fa3 # v7
|
|
106
108
|
with:
|
|
107
109
|
enable-cache: true
|
|
108
110
|
|
|
@@ -0,0 +1,160 @@
|
|
|
1
|
+
name: Cleanup Old Pre-Releases
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
schedule:
|
|
5
|
+
# Run daily at 00:00 UTC
|
|
6
|
+
- cron: '0 0 * * *'
|
|
7
|
+
workflow_dispatch:
|
|
8
|
+
inputs:
|
|
9
|
+
dry_run:
|
|
10
|
+
description: 'Dry run (show what would be deleted without deleting)'
|
|
11
|
+
required: false
|
|
12
|
+
type: boolean
|
|
13
|
+
default: true
|
|
14
|
+
days_old:
|
|
15
|
+
description: 'Delete pre-releases older than X days'
|
|
16
|
+
required: false
|
|
17
|
+
type: number
|
|
18
|
+
default: 30
|
|
19
|
+
|
|
20
|
+
permissions: read-all
|
|
21
|
+
|
|
22
|
+
jobs:
|
|
23
|
+
cleanup:
|
|
24
|
+
name: Delete Old Pre-Releases
|
|
25
|
+
runs-on: ubuntu-latest
|
|
26
|
+
permissions:
|
|
27
|
+
contents: write # Required for deleting releases and tags
|
|
28
|
+
|
|
29
|
+
steps:
|
|
30
|
+
- name: Checkout code
|
|
31
|
+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
|
|
32
|
+
|
|
33
|
+
- name: Cleanup old pre-releases
|
|
34
|
+
env:
|
|
35
|
+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
36
|
+
run: |
|
|
37
|
+
# Configuration
|
|
38
|
+
# For scheduled runs, inputs are empty, so default to 30 days and active cleanup
|
|
39
|
+
DAYS_OLD=${{ inputs.days_old || 30 }}
|
|
40
|
+
DRY_RUN=${{ inputs.dry_run == true && 'true' || 'false' }}
|
|
41
|
+
|
|
42
|
+
echo "🧹 Cleaning up pre-releases older than $DAYS_OLD days"
|
|
43
|
+
echo "🔍 Dry run: $DRY_RUN"
|
|
44
|
+
echo ""
|
|
45
|
+
|
|
46
|
+
# Calculate cutoff date (Unix timestamp)
|
|
47
|
+
CUTOFF_DATE=$(date -u -d "$DAYS_OLD days ago" +%s 2>/dev/null || date -u -v-${DAYS_OLD}d +%s)
|
|
48
|
+
CUTOFF_DATE_HUMAN=$(date -u -d "@$CUTOFF_DATE" +%Y-%m-%d 2>/dev/null || date -u -r $CUTOFF_DATE +%Y-%m-%d)
|
|
49
|
+
|
|
50
|
+
echo "📅 Cutoff date: $CUTOFF_DATE_HUMAN"
|
|
51
|
+
echo ""
|
|
52
|
+
|
|
53
|
+
# Get all releases
|
|
54
|
+
RELEASES=$(gh release list --repo ${{ github.repository }} --limit 1000 --json tagName,isPrerelease,publishedAt,name)
|
|
55
|
+
|
|
56
|
+
echo "📋 Pre-releases found:"
|
|
57
|
+
echo "$RELEASES" | jq -r '.[] | select(.isPrerelease == true) | "\(.tagName) - \(.publishedAt) - \(.name)"'
|
|
58
|
+
echo ""
|
|
59
|
+
|
|
60
|
+
# Create temp files for counters (avoid subshell issue)
|
|
61
|
+
TEMP_DIR=$(mktemp -d)
|
|
62
|
+
echo "0" > "$TEMP_DIR/deleted_count"
|
|
63
|
+
echo "0" > "$TEMP_DIR/kept_count"
|
|
64
|
+
|
|
65
|
+
# Process each pre-release
|
|
66
|
+
echo "$RELEASES" | jq -c '.[] | select(.isPrerelease == true)' | while read -r release; do
|
|
67
|
+
TAG=$(echo "$release" | jq -r '.tagName')
|
|
68
|
+
PUBLISHED_AT=$(echo "$release" | jq -r '.publishedAt')
|
|
69
|
+
NAME=$(echo "$release" | jq -r '.name')
|
|
70
|
+
|
|
71
|
+
# Convert published date to Unix timestamp
|
|
72
|
+
RELEASE_DATE=$(date -u -d "$PUBLISHED_AT" +%s 2>/dev/null || date -u -j -f "%Y-%m-%dT%H:%M:%SZ" "$PUBLISHED_AT" +%s)
|
|
73
|
+
|
|
74
|
+
# Calculate age in days
|
|
75
|
+
AGE_SECONDS=$((CUTOFF_DATE - RELEASE_DATE))
|
|
76
|
+
AGE_DAYS=$((AGE_SECONDS / 86400))
|
|
77
|
+
|
|
78
|
+
if [ $RELEASE_DATE -lt $CUTOFF_DATE ]; then
|
|
79
|
+
echo "🗑️ DELETE: $TAG (age: $((AGE_DAYS * -1)) days) - $NAME"
|
|
80
|
+
|
|
81
|
+
if [ "$DRY_RUN" = "false" ]; then
|
|
82
|
+
# Delete the release
|
|
83
|
+
gh release delete "$TAG" --repo ${{ github.repository }} --yes --cleanup-tag
|
|
84
|
+
|
|
85
|
+
echo " ✅ Deleted release and tag: $TAG"
|
|
86
|
+
else
|
|
87
|
+
echo " ⏭️ Dry run - would delete: $TAG"
|
|
88
|
+
fi
|
|
89
|
+
|
|
90
|
+
# Increment deleted counter
|
|
91
|
+
DELETED_COUNT=$(cat "$TEMP_DIR/deleted_count")
|
|
92
|
+
echo "$((DELETED_COUNT + 1))" > "$TEMP_DIR/deleted_count"
|
|
93
|
+
else
|
|
94
|
+
echo "✅ KEEP: $TAG (age: $((AGE_DAYS * -1)) days) - $NAME"
|
|
95
|
+
|
|
96
|
+
# Increment kept counter
|
|
97
|
+
KEPT_COUNT=$(cat "$TEMP_DIR/kept_count")
|
|
98
|
+
echo "$((KEPT_COUNT + 1))" > "$TEMP_DIR/kept_count"
|
|
99
|
+
fi
|
|
100
|
+
done
|
|
101
|
+
|
|
102
|
+
# Read final counts
|
|
103
|
+
DELETED_COUNT=$(cat "$TEMP_DIR/deleted_count")
|
|
104
|
+
KEPT_COUNT=$(cat "$TEMP_DIR/kept_count")
|
|
105
|
+
rm -rf "$TEMP_DIR"
|
|
106
|
+
|
|
107
|
+
echo ""
|
|
108
|
+
echo "📊 Summary:"
|
|
109
|
+
echo " - Pre-releases to delete: $DELETED_COUNT"
|
|
110
|
+
echo " - Pre-releases to keep: $KEPT_COUNT"
|
|
111
|
+
|
|
112
|
+
if [ "$DRY_RUN" = "true" ]; then
|
|
113
|
+
echo ""
|
|
114
|
+
echo "ℹ️ This was a dry run. No releases were actually deleted."
|
|
115
|
+
echo " To delete releases, set dry_run=false"
|
|
116
|
+
fi
|
|
117
|
+
|
|
118
|
+
- name: Create cleanup summary
|
|
119
|
+
if: always()
|
|
120
|
+
env:
|
|
121
|
+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
122
|
+
run: |
|
|
123
|
+
DAYS_OLD=${{ inputs.days_old || 30 }}
|
|
124
|
+
DRY_RUN=${{ inputs.dry_run == true && 'true' || 'false' }}
|
|
125
|
+
|
|
126
|
+
# Get current pre-release count
|
|
127
|
+
TOTAL_PRERELEASES=$(gh release list --repo ${{ github.repository }} --limit 1000 --json isPrerelease | jq '[.[] | select(.isPrerelease == true)] | length')
|
|
128
|
+
|
|
129
|
+
cat >> $GITHUB_STEP_SUMMARY << EOF
|
|
130
|
+
# 🧹 Pre-Release Cleanup Summary
|
|
131
|
+
|
|
132
|
+
## Configuration
|
|
133
|
+
- **Retention Period**: Delete pre-releases older than $DAYS_OLD days
|
|
134
|
+
- **Mode**: $(if [ "$DRY_RUN" = "true" ]; then echo "🔍 Dry Run (no deletions)"; else echo "🗑️ Active (deleting releases)"; fi)
|
|
135
|
+
|
|
136
|
+
## Statistics
|
|
137
|
+
- **Total Pre-releases**: $TOTAL_PRERELEASES
|
|
138
|
+
- **Cutoff Date**: $(date -u -d "$DAYS_OLD days ago" +%Y-%m-%d 2>/dev/null || date -u -v-${DAYS_OLD}d +%Y-%m-%d)
|
|
139
|
+
|
|
140
|
+
## Policy
|
|
141
|
+
Pre-releases are automatically cleaned up based on:
|
|
142
|
+
- ✅ Alpha releases: Deleted after $DAYS_OLD days
|
|
143
|
+
- ✅ Beta releases: Deleted after $DAYS_OLD days
|
|
144
|
+
- ✅ RC releases: Deleted after $DAYS_OLD days
|
|
145
|
+
- ⛔ Stable releases: Never deleted automatically
|
|
146
|
+
|
|
147
|
+
## Next Steps
|
|
148
|
+
$(if [ "$DRY_RUN" = "true" ]; then echo "Run this workflow with \`dry_run=false\` to actually delete old pre-releases."; else echo "Pre-release cleanup is active. Old pre-releases have been removed."; fi)
|
|
149
|
+
|
|
150
|
+
---
|
|
151
|
+
*This workflow runs daily at 00:00 UTC or can be triggered manually.*
|
|
152
|
+
EOF
|
|
153
|
+
|
|
154
|
+
- name: List remaining pre-releases
|
|
155
|
+
if: always()
|
|
156
|
+
env:
|
|
157
|
+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
158
|
+
run: |
|
|
159
|
+
echo "📦 Remaining pre-releases:"
|
|
160
|
+
gh release list --repo ${{ github.repository }} --limit 50 | grep -E "(alpha|beta|rc)" || echo "No pre-releases found"
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
name: "CodeQL"
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
push:
|
|
5
|
+
branches: [main]
|
|
6
|
+
pull_request:
|
|
7
|
+
branches: [main]
|
|
8
|
+
schedule:
|
|
9
|
+
- cron: "30 1 * * 1" # Weekly on Mondays at 1:30 AM
|
|
10
|
+
|
|
11
|
+
permissions: read-all
|
|
12
|
+
|
|
13
|
+
jobs:
|
|
14
|
+
analyze:
|
|
15
|
+
name: Analyze
|
|
16
|
+
runs-on: ubuntu-latest
|
|
17
|
+
permissions:
|
|
18
|
+
actions: read
|
|
19
|
+
contents: read
|
|
20
|
+
security-events: write
|
|
21
|
+
|
|
22
|
+
strategy:
|
|
23
|
+
fail-fast: false
|
|
24
|
+
matrix:
|
|
25
|
+
language: ["python"]
|
|
26
|
+
|
|
27
|
+
steps:
|
|
28
|
+
- name: Checkout repository
|
|
29
|
+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
|
|
30
|
+
|
|
31
|
+
- name: Initialize CodeQL
|
|
32
|
+
uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4
|
|
33
|
+
with:
|
|
34
|
+
languages: ${{ matrix.language }}
|
|
35
|
+
queries: security-extended,security-and-quality
|
|
36
|
+
|
|
37
|
+
- name: Autobuild
|
|
38
|
+
uses: github/codeql-action/autobuild@0499de31b99561a6d14a36a5f662c2a54f91beee # v4
|
|
39
|
+
|
|
40
|
+
- name: Perform CodeQL Analysis
|
|
41
|
+
uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4
|
|
42
|
+
with:
|
|
43
|
+
category: "/language:${{matrix.language}}"
|
|
@@ -0,0 +1,239 @@
|
|
|
1
|
+
name: Pre-Release (RC/Alpha/Beta)
|
|
2
|
+
|
|
3
|
+
on:
|
|
4
|
+
workflow_dispatch:
|
|
5
|
+
inputs:
|
|
6
|
+
pr_number:
|
|
7
|
+
description: "PR number to create pre-release from"
|
|
8
|
+
required: true
|
|
9
|
+
type: number
|
|
10
|
+
release_type:
|
|
11
|
+
description: "Type of pre-release"
|
|
12
|
+
required: true
|
|
13
|
+
type: choice
|
|
14
|
+
options:
|
|
15
|
+
- alpha
|
|
16
|
+
- beta
|
|
17
|
+
- rc
|
|
18
|
+
version_increment:
|
|
19
|
+
description: "Which version part to increment"
|
|
20
|
+
required: true
|
|
21
|
+
type: choice
|
|
22
|
+
default: "minor"
|
|
23
|
+
options:
|
|
24
|
+
- major
|
|
25
|
+
- minor
|
|
26
|
+
- patch
|
|
27
|
+
pre_release_number:
|
|
28
|
+
description: "Pre-release number (e.g., 1 for alpha.1)"
|
|
29
|
+
required: false
|
|
30
|
+
type: number
|
|
31
|
+
default: 1
|
|
32
|
+
python_version:
|
|
33
|
+
description: "Python version to use for building"
|
|
34
|
+
required: false
|
|
35
|
+
type: string
|
|
36
|
+
default: "3.13"
|
|
37
|
+
|
|
38
|
+
permissions: read-all
|
|
39
|
+
|
|
40
|
+
jobs:
|
|
41
|
+
build-pre-release:
|
|
42
|
+
name: Build and Create Pre-Release
|
|
43
|
+
runs-on: ubuntu-latest
|
|
44
|
+
environment: prerelease # Requires approval from environment reviewers
|
|
45
|
+
permissions:
|
|
46
|
+
contents: write # Required for creating releases and tags
|
|
47
|
+
pull-requests: read # Required for reading PR info
|
|
48
|
+
id-token: write # Required for PyPI trusted publishing (test.pypi.org)
|
|
49
|
+
|
|
50
|
+
steps:
|
|
51
|
+
- name: Get PR information
|
|
52
|
+
id: pr_info
|
|
53
|
+
env:
|
|
54
|
+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
55
|
+
run: |
|
|
56
|
+
PR_DATA=$(gh pr view ${{ inputs.pr_number }} --repo ${{ github.repository }} --json headRefName,title,state)
|
|
57
|
+
|
|
58
|
+
STATE=$(echo "$PR_DATA" | jq -r '.state')
|
|
59
|
+
if [ "$STATE" != "OPEN" ]; then
|
|
60
|
+
echo "❌ PR #${{ inputs.pr_number }} is not open (state: $STATE)"
|
|
61
|
+
exit 1
|
|
62
|
+
fi
|
|
63
|
+
|
|
64
|
+
BRANCH=$(echo "$PR_DATA" | jq -r '.headRefName')
|
|
65
|
+
TITLE=$(echo "$PR_DATA" | jq -r '.title')
|
|
66
|
+
|
|
67
|
+
echo "branch=$BRANCH" >> $GITHUB_OUTPUT
|
|
68
|
+
echo "title=$TITLE" >> $GITHUB_OUTPUT
|
|
69
|
+
echo "✅ PR #${{ inputs.pr_number }}: $TITLE (branch: $BRANCH)"
|
|
70
|
+
|
|
71
|
+
- name: Checkout PR branch
|
|
72
|
+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5
|
|
73
|
+
with:
|
|
74
|
+
ref: ${{ steps.pr_info.outputs.branch }}
|
|
75
|
+
fetch-depth: 0
|
|
76
|
+
|
|
77
|
+
- name: Set up Python
|
|
78
|
+
uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6
|
|
79
|
+
with:
|
|
80
|
+
python-version: ${{ inputs.python_version }}
|
|
81
|
+
|
|
82
|
+
- name: Install uv
|
|
83
|
+
uses: astral-sh/setup-uv@5a7eac68fb9809dea845d802897dc5c723910fa3 # v7
|
|
84
|
+
with:
|
|
85
|
+
enable-cache: true
|
|
86
|
+
|
|
87
|
+
- name: Calculate pre-release version
|
|
88
|
+
id: version
|
|
89
|
+
run: |
|
|
90
|
+
# Get current version from __version__.py
|
|
91
|
+
CURRENT_VERSION=$(grep -E "^__version__" iam_validator/__version__.py | cut -d'"' -f2)
|
|
92
|
+
echo "Current version: $CURRENT_VERSION"
|
|
93
|
+
|
|
94
|
+
# Parse version parts
|
|
95
|
+
IFS='.' read -r MAJOR MINOR PATCH <<< "$CURRENT_VERSION"
|
|
96
|
+
|
|
97
|
+
# Increment based on input
|
|
98
|
+
case "${{ inputs.version_increment }}" in
|
|
99
|
+
major)
|
|
100
|
+
MAJOR=$((MAJOR + 1))
|
|
101
|
+
MINOR=0
|
|
102
|
+
PATCH=0
|
|
103
|
+
;;
|
|
104
|
+
minor)
|
|
105
|
+
MINOR=$((MINOR + 1))
|
|
106
|
+
PATCH=0
|
|
107
|
+
;;
|
|
108
|
+
patch)
|
|
109
|
+
PATCH=$((PATCH + 1))
|
|
110
|
+
;;
|
|
111
|
+
esac
|
|
112
|
+
|
|
113
|
+
# Build pre-release version
|
|
114
|
+
PRE_VERSION="${MAJOR}.${MINOR}.${PATCH}-${{ inputs.release_type }}.${{ inputs.pre_release_number }}"
|
|
115
|
+
TAG="v${PRE_VERSION}"
|
|
116
|
+
|
|
117
|
+
echo "version=$PRE_VERSION" >> $GITHUB_OUTPUT
|
|
118
|
+
echo "tag=$TAG" >> $GITHUB_OUTPUT
|
|
119
|
+
echo "base_version=${MAJOR}.${MINOR}.${PATCH}" >> $GITHUB_OUTPUT
|
|
120
|
+
|
|
121
|
+
echo "📦 Pre-release version: $PRE_VERSION"
|
|
122
|
+
echo "🏷️ Tag: $TAG"
|
|
123
|
+
|
|
124
|
+
- name: Update version in __version__.py
|
|
125
|
+
run: |
|
|
126
|
+
# Create backup and update version (portable across macOS/Linux)
|
|
127
|
+
cp iam_validator/__version__.py iam_validator/__version__.py.bak
|
|
128
|
+
sed 's/__version__ = ".*"/__version__ = "${{ steps.version.outputs.version }}"/' iam_validator/__version__.py.bak > iam_validator/__version__.py
|
|
129
|
+
rm iam_validator/__version__.py.bak
|
|
130
|
+
|
|
131
|
+
echo "✅ Updated __version__.py to ${{ steps.version.outputs.version }}"
|
|
132
|
+
cat iam_validator/__version__.py
|
|
133
|
+
|
|
134
|
+
- name: Install dependencies
|
|
135
|
+
run: uv sync --frozen
|
|
136
|
+
|
|
137
|
+
- name: Run tests
|
|
138
|
+
run: uv run pytest --verbose
|
|
139
|
+
continue-on-error: false
|
|
140
|
+
|
|
141
|
+
- name: Build package
|
|
142
|
+
run: uv build
|
|
143
|
+
|
|
144
|
+
- name: Generate pre-release notes
|
|
145
|
+
id: release_notes
|
|
146
|
+
run: |
|
|
147
|
+
cat > PRERELEASE_NOTES.md << EOF
|
|
148
|
+
# Pre-Release: ${{ steps.version.outputs.tag }}
|
|
149
|
+
|
|
150
|
+
## 🧪 Testing Release
|
|
151
|
+
|
|
152
|
+
This is a **${{ inputs.release_type }}** pre-release built from PR #${{ inputs.pr_number }}.
|
|
153
|
+
|
|
154
|
+
**⚠️ Not recommended for production use.**
|
|
155
|
+
|
|
156
|
+
### PR Information
|
|
157
|
+
- **PR**: #${{ inputs.pr_number }} - ${{ steps.pr_info.outputs.title }}
|
|
158
|
+
- **Branch**: \`${{ steps.pr_info.outputs.branch }}\`
|
|
159
|
+
- **Base Version**: \`${{ steps.version.outputs.base_version }}\`
|
|
160
|
+
- **Pre-release**: \`${{ inputs.release_type }}.${{ inputs.pre_release_number }}\`
|
|
161
|
+
|
|
162
|
+
### Installation
|
|
163
|
+
\`\`\`bash
|
|
164
|
+
# Install from GitHub release
|
|
165
|
+
pip install https://github.com/${{ github.repository }}/releases/download/${{ steps.version.outputs.tag }}/iam_policy_validator-${{ steps.version.outputs.version }}-py3-none-any.whl
|
|
166
|
+
\`\`\`
|
|
167
|
+
|
|
168
|
+
### Recent Changes
|
|
169
|
+
EOF
|
|
170
|
+
|
|
171
|
+
# Add commits from the PR branch
|
|
172
|
+
git log --pretty=format:"- %s (%h by %an)" --no-merges -10 >> PRERELEASE_NOTES.md
|
|
173
|
+
|
|
174
|
+
cat PRERELEASE_NOTES.md
|
|
175
|
+
|
|
176
|
+
- name: Create GitHub Pre-Release
|
|
177
|
+
uses: softprops/action-gh-release@5be0e66d93ac7ed76da52eca8bb058f665c3a5fe # v2
|
|
178
|
+
with:
|
|
179
|
+
name: "${{ steps.version.outputs.tag }} (Pre-release)"
|
|
180
|
+
tag_name: ${{ steps.version.outputs.tag }}
|
|
181
|
+
body_path: PRERELEASE_NOTES.md
|
|
182
|
+
files: |
|
|
183
|
+
dist/*.whl
|
|
184
|
+
dist/*.tar.gz
|
|
185
|
+
draft: false
|
|
186
|
+
prerelease: true
|
|
187
|
+
generate_release_notes: false
|
|
188
|
+
target_commitish: ${{ steps.pr_info.outputs.branch }}
|
|
189
|
+
env:
|
|
190
|
+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
191
|
+
|
|
192
|
+
- name: Comment on PR
|
|
193
|
+
env:
|
|
194
|
+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
195
|
+
run: |
|
|
196
|
+
gh pr comment ${{ inputs.pr_number }} --repo ${{ github.repository }} --body \
|
|
197
|
+
"## 🚀 Pre-Release Created
|
|
198
|
+
|
|
199
|
+
A **${{ inputs.release_type }}** pre-release has been created from this PR.
|
|
200
|
+
|
|
201
|
+
- **Version**: \`${{ steps.version.outputs.version }}\`
|
|
202
|
+
- **Tag**: [\`${{ steps.version.outputs.tag }}\`](https://github.com/${{ github.repository }}/releases/tag/${{ steps.version.outputs.tag }})
|
|
203
|
+
- **Release**: [View Release](https://github.com/${{ github.repository }}/releases/tag/${{ steps.version.outputs.tag }})
|
|
204
|
+
|
|
205
|
+
### Install & Test
|
|
206
|
+
\`\`\`bash
|
|
207
|
+
pip install https://github.com/${{ github.repository }}/releases/download/${{ steps.version.outputs.tag }}/iam_policy_validator-${{ steps.version.outputs.version }}-py3-none-any.whl
|
|
208
|
+
\`\`\`
|
|
209
|
+
|
|
210
|
+
⚠️ This is a pre-release and should not be used in production."
|
|
211
|
+
|
|
212
|
+
- name: Create Summary
|
|
213
|
+
if: always()
|
|
214
|
+
run: |
|
|
215
|
+
cat >> $GITHUB_STEP_SUMMARY << EOF
|
|
216
|
+
# 🧪 Pre-Release Summary
|
|
217
|
+
|
|
218
|
+
## 📦 Pre-Release Information
|
|
219
|
+
- **Type**: ${{ inputs.release_type }}
|
|
220
|
+
- **Version**: \`${{ steps.version.outputs.version }}\`
|
|
221
|
+
- **Tag**: \`${{ steps.version.outputs.tag }}\`
|
|
222
|
+
- **PR**: [#${{ inputs.pr_number }}](https://github.com/${{ github.repository }}/pull/${{ inputs.pr_number }}) - ${{ steps.pr_info.outputs.title }}
|
|
223
|
+
- **Branch**: \`${{ steps.pr_info.outputs.branch }}\`
|
|
224
|
+
|
|
225
|
+
## 🔗 Links
|
|
226
|
+
- [📦 GitHub Release](https://github.com/${{ github.repository }}/releases/tag/${{ steps.version.outputs.tag }})
|
|
227
|
+
- [🔀 Pull Request](https://github.com/${{ github.repository }}/pull/${{ inputs.pr_number }})
|
|
228
|
+
|
|
229
|
+
## 📥 Installation
|
|
230
|
+
\`\`\`bash
|
|
231
|
+
pip install https://github.com/${{ github.repository }}/releases/download/${{ steps.version.outputs.tag }}/iam_policy_validator-${{ steps.version.outputs.version }}-py3-none-any.whl
|
|
232
|
+
\`\`\`
|
|
233
|
+
|
|
234
|
+
## ⚠️ Important Notes
|
|
235
|
+
- This is a **pre-release** for testing purposes only
|
|
236
|
+
- Not published to PyPI
|
|
237
|
+
- Will be automatically cleaned up after 30 days
|
|
238
|
+
- Do not use in production
|
|
239
|
+
EOF
|
|
@@ -5,9 +5,7 @@ on:
|
|
|
5
5
|
tags:
|
|
6
6
|
- "v*.*.*"
|
|
7
7
|
|
|
8
|
-
permissions:
|
|
9
|
-
contents: write
|
|
10
|
-
id-token: write
|
|
8
|
+
permissions: read-all
|
|
11
9
|
|
|
12
10
|
env:
|
|
13
11
|
PYTHON_VERSION: "3.13"
|
|
@@ -17,6 +15,9 @@ jobs:
|
|
|
17
15
|
name: Build and Create Release
|
|
18
16
|
runs-on: ubuntu-latest
|
|
19
17
|
environment: production
|
|
18
|
+
permissions:
|
|
19
|
+
contents: write # Required for creating GitHub releases
|
|
20
|
+
id-token: write # Required for PyPI trusted publishing
|
|
20
21
|
|
|
21
22
|
steps:
|
|
22
23
|
- name: Checkout code
|
|
@@ -30,7 +31,7 @@ jobs:
|
|
|
30
31
|
python-version: ${{ env.PYTHON_VERSION }}
|
|
31
32
|
|
|
32
33
|
- name: Install uv
|
|
33
|
-
uses: astral-sh/setup-uv@
|
|
34
|
+
uses: astral-sh/setup-uv@5a7eac68fb9809dea845d802897dc5c723910fa3 # v7
|
|
34
35
|
with:
|
|
35
36
|
enable-cache: true
|
|
36
37
|
|
|
@@ -69,7 +70,7 @@ jobs:
|
|
|
69
70
|
echo "Generated changelog with $COMMIT_COUNT commits"
|
|
70
71
|
|
|
71
72
|
- name: Create GitHub Release
|
|
72
|
-
uses: softprops/action-gh-release@
|
|
73
|
+
uses: softprops/action-gh-release@5be0e66d93ac7ed76da52eca8bb058f665c3a5fe # v2
|
|
73
74
|
with:
|
|
74
75
|
name: ${{ steps.get_version.outputs.tag }}
|
|
75
76
|
body_path: CHANGELOG.txt
|
|
@@ -0,0 +1,62 @@
|
|
|
1
|
+
# This workflow uses actions that are not certified by GitHub. They are provided
|
|
2
|
+
# by a third-party and are governed by separate terms of service, privacy
|
|
3
|
+
# policy, and support documentation.
|
|
4
|
+
|
|
5
|
+
name: Scorecard supply-chain security
|
|
6
|
+
on:
|
|
7
|
+
# For Branch-Protection check. Only the default branch is supported. See
|
|
8
|
+
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
|
|
9
|
+
branch_protection_rule:
|
|
10
|
+
# To guarantee Maintained check is occasionally updated. See
|
|
11
|
+
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
|
|
12
|
+
schedule:
|
|
13
|
+
- cron: '23 7 * * 0'
|
|
14
|
+
push:
|
|
15
|
+
branches: [ "main" ]
|
|
16
|
+
|
|
17
|
+
# Declare default permissions as read only.
|
|
18
|
+
permissions: read-all
|
|
19
|
+
|
|
20
|
+
jobs:
|
|
21
|
+
analysis:
|
|
22
|
+
name: Scorecard analysis
|
|
23
|
+
runs-on: ubuntu-latest
|
|
24
|
+
# `publish_results: true` only works when run from the default branch. conditional can be removed if disabled.
|
|
25
|
+
if: github.event.repository.default_branch == github.ref_name || github.event_name == 'pull_request'
|
|
26
|
+
permissions:
|
|
27
|
+
# Needed to upload the results to code-scanning dashboard.
|
|
28
|
+
security-events: write
|
|
29
|
+
# Needed to publish results and get a badge (see publish_results below).
|
|
30
|
+
id-token: write
|
|
31
|
+
# Uncomment the permissions below if installing in a private repository.
|
|
32
|
+
# contents: read
|
|
33
|
+
# actions: read
|
|
34
|
+
|
|
35
|
+
steps:
|
|
36
|
+
- name: "Checkout code"
|
|
37
|
+
uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
|
|
38
|
+
with:
|
|
39
|
+
persist-credentials: false
|
|
40
|
+
|
|
41
|
+
- name: "Run analysis"
|
|
42
|
+
uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
|
|
43
|
+
with:
|
|
44
|
+
results_file: results.sarif
|
|
45
|
+
results_format: sarif
|
|
46
|
+
publish_results: true
|
|
47
|
+
|
|
48
|
+
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
|
|
49
|
+
# format to the repository Actions tab.
|
|
50
|
+
- name: "Upload artifact"
|
|
51
|
+
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
|
|
52
|
+
with:
|
|
53
|
+
name: SARIF file
|
|
54
|
+
path: results.sarif
|
|
55
|
+
retention-days: 5
|
|
56
|
+
|
|
57
|
+
# Upload the results to GitHub's code scanning dashboard (optional).
|
|
58
|
+
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
|
|
59
|
+
- name: "Upload to code-scanning"
|
|
60
|
+
uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2
|
|
61
|
+
with:
|
|
62
|
+
sarif_file: results.sarif
|