Common Properties
¶
Property
¶
This class is used for all property types that we haven't had time to implement yet.
Properties:
- Condition
¶
Policy
¶
Contains information about an attached policy.
Properties:
- PolicyDocument: A policy document object.
- PolicyName: The friendly name (not ARN) identifying the policy.
¶
PolicyDocument
¶
Contains information about an attached policy.
Properties:
- Statement: A statement object.
- Version
allowed_actions_with(self, pattern)
¶
Finds all statements which have at least one action with the pattern.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
pattern |
Pattern |
Pattern to match. |
required |
Returns:
Type | Description |
---|---|
List[pycfmodel.model.resources.properties.statement.Statement] |
List of statements. |
Source code in pycfmodel/model/resources/properties/policy_document.py
174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 |
|
allowed_principals_with(self, pattern)
¶
Finds all allowed principals which match the pattern.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
pattern |
Pattern |
Pattern to match. |
required |
Returns:
Type | Description |
---|---|
List[str] |
List of principals. |
Source code in pycfmodel/model/resources/properties/policy_document.py
190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 |
|
get_iam_actions(self, difference=False)
¶
Find all IAM Actions which are specified in statements.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
difference |
|
when True, the behaviour changes to find the difference between all IAM Actions and those specified in the statements of the policy. Default = False. |
False |
Returns:
Type | Description |
---|---|
List[str] |
List of matching actions. |
Source code in pycfmodel/model/resources/properties/policy_document.py
222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 |
|
non_whitelisted_allowed_principals(self, whitelist)
¶
Find non whitelisted allowed principals.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
whitelist |
List[str] |
List of whitelisted principals. |
required |
Returns:
Type | Description |
---|---|
List[str] |
List of principals. |
Source code in pycfmodel/model/resources/properties/policy_document.py
206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 |
|
statements_with(self, pattern)
¶
Finds all statements which have at least one resource with the pattern.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
pattern |
Pattern |
Pattern to match. |
required |
Returns:
Type | Description |
---|---|
List[pycfmodel.model.resources.properties.statement.Statement] |
List of statements. |
Source code in pycfmodel/model/resources/properties/policy_document.py
162 163 164 165 166 167 168 169 170 171 172 |
|
¶
SecurityGroupEgressProp
¶
An outbound rule permits instances to send traffic from the specified IPv4 or IPv6 CIDR address range, or to the instances associated with the specified security group.
Properties:
- CidrIp: The IPv4 ranges.
- CidrIpv6: The IPv6 ranges.
- Description: The description of an egress (outbound) security group rule.
- DestinationPrefixListId: The prefix list IDs for an AWS service.
- DestinationSecurityGroupId: The ID of the security group.
- FromPort: The start of port range for the TCP and UDP protocols.
- IpProtocol: The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers).
- ToPort: The end of port range for the TCP and UDP protocols.
More info at AWS Docs
ipv4_slash_zero(self)
¶
Returns True if CidrIp
matches 0.0.0.0/0
, otherwise False.
Source code in pycfmodel/model/resources/properties/security_group_egress_prop.py
51 52 53 54 55 56 |
|
ipv6_slash_zero(self)
¶
Returns True if CidrIpv6
matches ::/0
, otherwise False.
Source code in pycfmodel/model/resources/properties/security_group_egress_prop.py
58 59 60 61 62 63 |
|
¶
SecurityGroupIngressProp
¶
An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR address range, or from the instances associated with the specified security group.
Properties:
- CidrIp: The IPv4 ranges.
- CidrIpv6: The IPv6 ranges.
- Description: The description of an egress (outbound) security group rule.
- FromPort: The start of port range for the TCP and UDP protocols.
- IpProtocol: The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers).
- SourcePrefixListId: The prefix list IDs for an AWS service.
- SourceSecurityGroupId: The ID of the security group.
- SourceSecurityGroupName: The name of the source security group.
- SourceSecurityGroupOwnerId: The AWS account ID for the source security group.
- ToPort: The end of port range for the TCP and UDP protocols.
More info at AWS Docs
ipv4_slash_zero(self)
¶
Returns True if CidrIp
matches 0.0.0.0/0
, otherwise False.
Source code in pycfmodel/model/resources/properties/security_group_ingress_prop.py
55 56 57 58 59 60 |
|
ipv6_slash_zero(self)
¶
Returns True if CidrIpv6
matches ::/0
, otherwise False.
Source code in pycfmodel/model/resources/properties/security_group_ingress_prop.py
62 63 64 65 66 67 |
|
¶
Statement
¶
Contains information about an attached policy.
Properties:
- Sid: Optional identifier.
- Effect: Whether the statement results in an allow or an explicit deny.
- Principal: Specify the IAM user, federated user, IAM role, AWS account, AWS service, or other principal that is allowed to access a resource.
- NotPrincipal: Specify the IAM user, federated user, IAM role, AWS account, AWS service, or other principal that is not allowed or denied access to a resource.
- Action: Specific action or actions that will be allowed or denied.
- NotAction: Explicitly matches everything except the specified action or list of actions.
- Resource: Specifies the object or objects that the statement covers.
- NotResource: Specifies the object or objects that the statement does not cover.
More info at AWS Docs
actions_with(self, pattern)
¶
Finds all actions which match the pattern.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
pattern |
Pattern |
Pattern to match. |
required |
Returns:
Type | Description |
---|---|
List[str] |
List of actions. |
Source code in pycfmodel/model/resources/properties/statement.py
96 97 98 99 100 101 102 103 104 105 106 |
|
get_action_list(self)
¶
Gets all actions specified in Action
and NotAction
.
Returns:
Type | Description |
---|---|
List[Union[str, pycfmodel.model.base.FunctionDict]] |
List of actions. |
Source code in pycfmodel/model/resources/properties/statement.py
41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
|
get_principal_list(self)
¶
Gets all actions specified in Principal
and NotPrincipal
.
Returns:
Type | Description |
---|---|
List[Union[str, pycfmodel.model.base.FunctionDict]] |
List of principals. |
Source code in pycfmodel/model/resources/properties/statement.py
71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 |
|
get_resource_list(self)
¶
Gets all resources specified in Resource
and NotResource
.
Returns:
Type | Description |
---|---|
List[Union[str, pycfmodel.model.base.FunctionDict]] |
List of resources. |
Source code in pycfmodel/model/resources/properties/statement.py
56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
|
non_whitelisted_principals(self, whitelist)
¶
Find non whitelisted principals.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
whitelist |
List[str] |
List of whitelisted principals. |
required |
Returns:
Type | Description |
---|---|
List[str] |
List of principals. |
Source code in pycfmodel/model/resources/properties/statement.py
138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 |
|
principals_with(self, pattern)
¶
Finds all principals which match the pattern.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
pattern |
Pattern |
Pattern to match. |
required |
Returns:
Type | Description |
---|---|
List[str] |
List of principals. |
Source code in pycfmodel/model/resources/properties/statement.py
108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 |
|
resources_with(self, pattern)
¶
Finds all resources which match the pattern.
Parameters:
Name | Type | Description | Default |
---|---|---|---|
pattern |
Pattern |
Pattern to match. |
required |
Returns:
Type | Description |
---|---|
List[str] |
List of resources. |
Source code in pycfmodel/model/resources/properties/statement.py
124 125 126 127 128 129 130 131 132 133 134 135 136 |
|