From 66c6588a8559def5fd644cbc66196ff2009aada9 Mon Sep 17 00:00:00 2001 From: KevinHock Date: Mon, 7 Dec 2020 08:28:32 -0800 Subject: [PATCH] Stop more checks if invalid resources are found (#159) * :mortar_board: Update managed policies repo link to @z0ph's * :bug: Stop more checks if invalid resources are found * :mortar_board: Fix spelling --- README.md | 2 +- parliament/__init__.py | 4 ++-- parliament/statement.py | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 6e5c083..4ec9628 100644 --- a/README.md +++ b/README.md @@ -41,7 +41,7 @@ This example is showing that the action s3:GetObject requires a resource matchin The different input types allowed include: - --file: Filename - --directory: A directory path, for exmaple: `--directory . --include_policy_extension json --exclude_pattern ".*venv.*"` -- --aws-managed-policies: For use specifically with the repo https://github.com/SummitRoute/aws_managed_policies +- --aws-managed-policies: For use specifically with the repo https://github.com/z0ph/aws_managed_policies - --auth-details-file: For use with the file returned by "aws iam get-account-authorization-details" - --string: Provide a string such as '{"Version": "2012-10-17","Statement": {"Effect": "Allow","Action": ["s3:GetObject", "s3:PutBucketPolicy"],"Resource": ["arn:aws:s3:::bucket1", "arn:aws:s3:::bucket2/*"]}}' diff --git a/parliament/__init__.py b/parliament/__init__.py index 2683103..791a0e7 100644 --- a/parliament/__init__.py +++ b/parliament/__init__.py @@ -32,8 +32,8 @@ def override_config(override_config_path): for finding_type, settings in override_config.items(): if finding_type not in config: config[finding_type] = {} - for setting, settting_value in settings.items(): - config[finding_type][setting] = settting_value + for setting, setting_value in settings.items(): + config[finding_type][setting] = setting_value def enhance_finding(finding): diff --git a/parliament/statement.py b/parliament/statement.py index 8f014c8..a6c656b 100644 --- a/parliament/statement.py +++ b/parliament/statement.py @@ -641,7 +641,7 @@ def analyze_statement(self): """ Given a statement, look for problems and extract out the parts. - If it is maformed, return False + If it is malformed, return False """ actions = [] resources = [] @@ -955,4 +955,4 @@ def analyze_statement(self): "RESOURCE_STAR", detail=sorted(self.resource_star), location=self.stmt ) - return True + return not has_malformed_resource