├── .github └── workflows │ └── tests.yml ├── .gitignore ├── LICENSE.md ├── README.md ├── conditions.json.example ├── iamspy ├── __init__.py ├── cli.py ├── conditions.py ├── datatypes.py ├── iam.py ├── log_config.py ├── model.py ├── parse.py └── utils.py ├── poetry.lock ├── pyproject.toml ├── resources.json.example ├── tests ├── __init__.py ├── files │ ├── allow-testing-s3.json │ ├── allow-with-conditions.json │ ├── basic-allow.json │ ├── basic-deny.json │ ├── batch-allow.json │ ├── batch-resource.json │ ├── cross-account-rp.json │ ├── gaad-uppercase.json │ ├── resource-s3-allow-all.json │ ├── resource-s3-allow-testing.json │ ├── resource-s3-deny-testing2.json │ ├── resource-uppercase.json │ ├── role-boundary-allow.json │ ├── role-boundary-deny.json │ ├── role-boundary-no-policies.json │ ├── scp-basic.json │ ├── scp-deny-lambda.json │ ├── scp-deny-lambda2.json │ ├── user-allow-check.json │ ├── user-boundary-allow.json │ └── user-boundary-deny.json └── test_integration.py ├── tox.ini └── utils ├── download-scps.py └── gaad.py /.github/workflows/tests.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/.github/workflows/tests.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/.gitignore -------------------------------------------------------------------------------- /LICENSE.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/LICENSE.md -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/README.md -------------------------------------------------------------------------------- /conditions.json.example: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/conditions.json.example -------------------------------------------------------------------------------- /iamspy/__init__.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/iamspy/__init__.py -------------------------------------------------------------------------------- /iamspy/cli.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/iamspy/cli.py -------------------------------------------------------------------------------- /iamspy/conditions.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/iamspy/conditions.py -------------------------------------------------------------------------------- /iamspy/datatypes.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/iamspy/datatypes.py -------------------------------------------------------------------------------- /iamspy/iam.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/iamspy/iam.py -------------------------------------------------------------------------------- /iamspy/log_config.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/iamspy/log_config.py -------------------------------------------------------------------------------- /iamspy/model.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/iamspy/model.py -------------------------------------------------------------------------------- /iamspy/parse.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/iamspy/parse.py -------------------------------------------------------------------------------- /iamspy/utils.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/iamspy/utils.py -------------------------------------------------------------------------------- /poetry.lock: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/poetry.lock -------------------------------------------------------------------------------- /pyproject.toml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/pyproject.toml -------------------------------------------------------------------------------- /resources.json.example: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/resources.json.example -------------------------------------------------------------------------------- /tests/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/files/allow-testing-s3.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/allow-testing-s3.json -------------------------------------------------------------------------------- /tests/files/allow-with-conditions.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/allow-with-conditions.json -------------------------------------------------------------------------------- /tests/files/basic-allow.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/basic-allow.json -------------------------------------------------------------------------------- /tests/files/basic-deny.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/basic-deny.json -------------------------------------------------------------------------------- /tests/files/batch-allow.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/batch-allow.json -------------------------------------------------------------------------------- /tests/files/batch-resource.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/batch-resource.json -------------------------------------------------------------------------------- /tests/files/cross-account-rp.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/cross-account-rp.json -------------------------------------------------------------------------------- /tests/files/gaad-uppercase.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/gaad-uppercase.json -------------------------------------------------------------------------------- /tests/files/resource-s3-allow-all.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/resource-s3-allow-all.json -------------------------------------------------------------------------------- /tests/files/resource-s3-allow-testing.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/resource-s3-allow-testing.json -------------------------------------------------------------------------------- /tests/files/resource-s3-deny-testing2.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/resource-s3-deny-testing2.json -------------------------------------------------------------------------------- /tests/files/resource-uppercase.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/resource-uppercase.json -------------------------------------------------------------------------------- /tests/files/role-boundary-allow.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/role-boundary-allow.json -------------------------------------------------------------------------------- /tests/files/role-boundary-deny.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/role-boundary-deny.json -------------------------------------------------------------------------------- /tests/files/role-boundary-no-policies.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/role-boundary-no-policies.json -------------------------------------------------------------------------------- /tests/files/scp-basic.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/scp-basic.json -------------------------------------------------------------------------------- /tests/files/scp-deny-lambda.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/scp-deny-lambda.json -------------------------------------------------------------------------------- /tests/files/scp-deny-lambda2.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/scp-deny-lambda2.json -------------------------------------------------------------------------------- /tests/files/user-allow-check.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/user-allow-check.json -------------------------------------------------------------------------------- /tests/files/user-boundary-allow.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/user-boundary-allow.json -------------------------------------------------------------------------------- /tests/files/user-boundary-deny.json: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/files/user-boundary-deny.json -------------------------------------------------------------------------------- /tests/test_integration.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tests/test_integration.py -------------------------------------------------------------------------------- /tox.ini: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/tox.ini -------------------------------------------------------------------------------- /utils/download-scps.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/utils/download-scps.py -------------------------------------------------------------------------------- /utils/gaad.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ReversecLabs/IAMSpy/HEAD/utils/gaad.py --------------------------------------------------------------------------------