Merge pull request #8 from exoego/managed-policy
feat: Search managed policy from IAM action
iann0036 authored Oct 7, 2023
2 parents f819973 + d174bb2 commit d8335b7
Showing 1 changed file with 19 additions and 6 deletions.
25 changes: 19 additions & 6 deletions assets/js/aws.permissions.cloud.js
Expand Up @@ -295,7 +295,7 @@ function processCustomPolicy(iam_def, tags) {
return;
}
}

var condition = null;
if (statement['Condition']) {
condition = statement['Condition'];
Expand Down Expand Up @@ -627,6 +627,21 @@ async function processReferencePage() {
let tags_data = await fetch('https://iann0036.github.io/iam-dataset/aws/tags.json');
let tags = await tags_data.json();

const managedpolicies_data = await fetch('https://raw.githubusercontent.com/iann0036/iam-dataset/main/aws/managed_policies.json');
const managedpolicies = await managedpolicies_data.json();
for (const managedpolicy of managedpolicies['policies']) {
// Enrich for search
managedpolicy['effective_action_names'] = managedpolicy['effective_action_names'].map(a => {
const fullpriv = a.toLowerCase();
const [prefix, privilege] = fullpriv.split(":");
return {
fullpriv,
prefix,
privilege,
}
});
}

$('#actions-table tbody').html('');

iam_def.sort((a, b) => a['service_name'].replace("Amazon ", "").replace("AWS ", "") < b['service_name'].replace("Amazon ", "").replace("AWS ", "") ? -1 : 1)
Expand Down Expand Up @@ -721,7 +736,7 @@ async function processReferencePage() {
html = '';
results = [];
for (let managedpolicy of managedpolicies['policies']) {
if (managedpolicy['name'].toLowerCase().includes(searchterm)) {
if (managedpolicy['name'].toLowerCase().includes(searchterm) || managedpolicy['effective_action_names'].some(a => a['fullpriv'].startsWith(searchterm) || a['prefix'].startsWith(searchterm) || a['privilege'].startsWith(searchterm))) {
results.push(managedpolicy['name']);
}
if (results.length >= 10) break;
Expand Down Expand Up @@ -843,7 +858,7 @@ async function processReferencePage() {
}

actions_table_content += '<tr id="' + service['prefix'] + '-' + privilege['privilege'] + '">\
<td rowspan="' + rowspan + '" class="tx-medium"><span class="tx-color-03">' + service['prefix'] + ':</span>' + privilege['privilege'] + (privilege['access_level'] == "Unknown" ? ' <span class="badge badge-danger">undocumented</span>' : '') + '</td>\
<td rowspan="' + rowspan + '" class="tx-medium"><a href="/actions/' + service['prefix'] + ':' + privilege['privilege'] + '"><span class="tx-color-03">' + service['prefix'] + ':</span>' + privilege['privilege'] + (privilege['access_level'] == "Unknown" ? ' <span class="badge badge-danger">undocumented</span>' : '') + '</a></td>\
<td rowspan="' + rowspan + '" class="tx-normal">' + privilege['description'] + '</td>\
<td rowspan="' + rowspan + '" class="tx-medium">' + used_by + '</td>\
<td rowspan="' + rowspan + '" class="' + access_class + '">' + privilege['access_level'] + '</td>\
Expand Down Expand Up @@ -1000,8 +1015,6 @@ async function processReferencePage() {

// managed policies
let managedpolicies_table_content = '';
let managedpolicies_data = await fetch('https://raw.githubusercontent.com/iann0036/iam-dataset/main/aws/managed_policies.json');
let managedpolicies = await managedpolicies_data.json();

managedpolicies['policies'].sort(function(a, b) {
if (a['name'] < b['name']) {
Expand Down Expand Up @@ -1068,7 +1081,7 @@ async function processReferencePage() {
processCustomPolicy(iam_def, tags);
}, 800);
});

$('#custompolicy-considerarn').change(function() {
clearTimeout(custom_policy_timer);
custom_policy_timer = setTimeout(function(){
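Review bot: The new action link in the `actions_table_content` row (hunk at -843/+858) concatenates `service['prefix']` and `privilege['privilege']` unescaped into a double-quoted `href` attribute as well as into the cell text, so a value containing `"` or `<` would break out of the markup once the string is written to the table. These fields appear to come from JSON fetched at page load (the managed-policy file is read from the mutable `main` branch on raw.githubusercontent.com), so they are worth treating as untrusted. For the link, `'<a href="/actions/' + encodeURIComponent(service['prefix']) + ':' + encodeURIComponent(privilege['privilege']) + '">'` keeps the colon while neutralising quote and angle-bracket characters, and the visible text should go through an HTML-escaping helper. Separately, in the enrichment loop `fullpriv.split(":")` leaves `privilege` undefined for any entry without a colon, and the search predicate's `a['privilege'].startsWith(searchterm)` would then throw; `const [prefix, privilege = ''] = fullpriv.split(":");` avoids that. `processReferencePage` starts and ends outside the visible hunks, so an existing escaping helper or a later reader of `effective_action_names` as plain strings cannot be ruled out from here.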
