altimeter.aws.resource.iam package

Submodules

altimeter.aws.resource.iam.account_password_policy module

Resource for Account Password Policy

class IAMAccountPasswordPolicyResourceSpec

Bases: altimeter.aws.resource.iam.IAMResourceSpec

Resource for Account Password Policy

DEFAULT_PASSWORD_POLICY_NAME = 'default'
classmethod list_from_aws(client, account_id, region)

Return a dict of dicts of the format:

{‘account_password_policy_1_arn’: {account_password_policy_1_dict}}

Where the dicts represent results from get_account_password_policy.

Return type

ListFromAWSResult

schema: Schema = <altimeter.core.graph.schema.Schema object>
type_name: str = 'account-password-policy'

altimeter.aws.resource.iam.group module

Resource for IAM Groups

class IAMGroupResourceSpec

Bases: altimeter.aws.resource.iam.IAMResourceSpec

Resource for IAM Groups

classmethod list_from_aws(client, account_id, region)

Return a dict of dicts of the format:

{‘group_1_arn’: {group_1_dict},

‘group_2_arn’: {group_2_dict}, …}

Where the dicts represent results from list_groups.

Return type

ListFromAWSResult

schema: Schema = <altimeter.core.graph.schema.Schema object>
type_name: str = 'group'

altimeter.aws.resource.iam.iam_saml_provider module

Resource for IAM SAML Providers

class IAMSAMLProviderResourceSpec

Bases: altimeter.aws.resource.iam.IAMResourceSpec

Resource for IAM SAML Providers

classmethod list_from_aws(client, account_id, region)

Return a dict of dicts of the format:

{‘saml_provider_1_arn’: {saml_provider_1_dict},

‘saml_provider_2_arn’: {saml_provider_2_dict}, …}

Where the dicts represent results from list_saml_providers and additional info per saml_provider list_saml_providers. An additional ‘Name’ key is added.

Return type

ListFromAWSResult

schema: Schema = <altimeter.core.graph.schema.Schema object>
type_name: str = 'saml-provider'

altimeter.aws.resource.iam.instance_profile module

Resource for Instance Profiles

class InstanceProfileResourceSpec

Bases: altimeter.aws.resource.iam.IAMResourceSpec

Resource for Instance Profiles

classmethod list_from_aws(client, account_id, region)

Return a dict of dicts of the format:

{‘instance_profile_1_arn’: {instance_profile_1_dict},

‘instance_profile_2_arn’: {instance_profile_2_dict}, …}

Where the dicts represent results from list_instance_profiles.

Return type

ListFromAWSResult

schema: Schema = <altimeter.core.graph.schema.Schema object>
type_name: str = 'instance-profile'

altimeter.aws.resource.iam.policy module

Resource for IAM Policies

class IAMAWSManagedPolicyResourceSpec

Bases: altimeter.aws.resource.iam.IAMResourceSpec

Resource for AWS-managed IAM Policies

classmethod list_from_aws(client, account_id, region)

Return a dict of dicts of the format:

{‘role_1_arn’: {role_1_dict},

‘role_2_arn’: {role_2_dict}, …}

Where the dicts represent results from list_policies and additional info per role from list_targets_by_role.

Return type

ListFromAWSResult

schema: Schema = <altimeter.core.graph.schema.Schema object>
type_name: str = 'policy'
class IAMPolicyResourceSpec

Bases: altimeter.aws.resource.iam.IAMResourceSpec

Resource for user-managed IAM Policies

classmethod list_from_aws(client, account_id, region)

Return a dict of dicts of the format:

{‘role_1_arn’: {role_1_dict},

‘role_2_arn’: {role_2_dict}, …}

Where the dicts represent results from list_policies and additional info per role from list_targets_by_role.

Return type

ListFromAWSResult

parallel_scan: bool = True
schema: Schema = <altimeter.core.graph.schema.Schema object>
type_name: str = 'policy'

altimeter.aws.resource.iam.role module

Resource for IAM Roles

class IAMRoleResourceSpec

Bases: altimeter.aws.resource.iam.IAMResourceSpec

Resource for IAM Roles

classmethod list_from_aws(client, account_id, region)

Return a dict of dicts of the format:

{‘role_1_arn’: {role_1_dict},

‘role_2_arn’: {role_2_dict}, …}

Where the dicts represent results from list_roles and additional info per role from list_targets_by_role.

Return type

ListFromAWSResult

parallel_scan: bool = True
schema: Schema = <altimeter.core.graph.schema.Schema object>
type_name: str = 'role'
get_attached_role_policies(client, role_name)

Get attached role policies

Return type

List[Dict[str, Any]]

altimeter.aws.resource.iam.user module

Resource for IAM Users

class IAMUserResourceSpec

Bases: altimeter.aws.resource.iam.IAMResourceSpec

Resource for IAM Users

classmethod list_from_aws(client, account_id, region)

Return a dict of dicts of the format:

{‘user_1_arn’: {user_1_dict},

‘user_2_arn’: {user_2_dict}, …}

Where the dicts represent results from list_users and additional info per user from list_targets_by_user.

Return type

ListFromAWSResult

schema: Schema = <altimeter.core.graph.schema.Schema object>
type_name: str = 'user'

Module contents

Base class for IAM resources.

class IAMResourceSpec

Bases: altimeter.aws.resource.resource_spec.AWSResourceSpec

Base class for IAM resources.

scan_granularity: altimeter.aws.resource.resource_spec.ScanGranularity = 2
service_name: str = 'iam'