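def check_for_wildcard(policy):
    """Record an 'Action_Wildcard' finding for every action containing '*'.

    Walks ``policy.policy_json['Statement']`` and inspects the ``Action``
    element of each statement. Each action string that contains ``*``
    (for example ``s3:*`` or ``ec2:Describe*``) is reported through
    ``policy.add_finding`` with the offending string as its location.

    Side effect: a single-object ``Statement`` and a single-string
    ``Action`` are rewritten in place as one-element lists, so the policy
    document is normalized after this call.

    Scope of the check, for whoever triages the findings:
      * ``Effect`` is not consulted, so a wildcard inside a Deny statement
        is reported the same way as one inside an Allow statement.
      * Only ``Action`` is inspected; ``NotAction`` and ``Resource`` are
        not looked at by this function.

    Args:
        policy: object exposing ``policy_json`` (the parsed policy
            document) and ``add_finding(name, location=...)``.
    """
    document = policy.policy_json

    # A lone statement may be given as one object instead of a list.
    # isinstance() also matches dict subclasses (e.g. OrderedDict); an exact
    # type() comparison would miss them and iterate the statement's keys.
    if isinstance(document['Statement'], dict):
        document['Statement'] = [document['Statement']]

    for statement in document['Statement']:
        if 'Action' not in statement:
            continue

        # Normalize a single action string to a list for uniform iteration.
        if isinstance(statement['Action'], str):
            statement['Action'] = [statement['Action']]

        for action in statement['Action']:
            # Skip malformed (non-string) entries instead of raising on the
            # membership test; they cannot carry a wildcard pattern.
            if isinstance(action, str) and '*' in action:
                policy.add_finding('Action_Wildcard', location={"action": action})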