Chris Partridge
Chris Partridge
Resolves #150. This is a demo of more accurate conditions handling within statement.py by addition of a new Condition class. This allows us to track the location of each condition...
From Policy Universe's `statement.py`, there's a lengthy comment on `StringNotLike` et al: > Extracts any ARNs, Account Numbers, UserIDs, Usernames, CIDRs, VPCs, and VPC Endpoints from a condition block. Ignores...
Pulling an example from the AWS documentation for API Gateway resource policies [here](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-resource-policies-examples.html#apigateway-resource-policies-source-vpc-example): ``` % cat test.py from policyuniverse.policy import Policy from json import loads from pprint import pprint json_policy...
Howdy! I noticed that policyuniverse doesn't detect possible bucket sniping - i.e. when a bucket it not owned by the account you expect it to be, as S3 ARNs don't...
This is the proposed change to fix #36 - note that this change *removes* a property as I don't believe it's relevant, but if preferred, I could readd that and...
The C API itself should probably be _compress_simple() and _decompress_simple(), then have a compress() and decompress() function in Python that increase the safety and usability of this function - for...
Hi there, old friends :) To make a recommendation: when people are using this tool, not all of them are understanding what the output of this tool means. As log4shell...