=====
awacs
=====
.. image:: https://img.shields.io/pypi/v/awacs.svg
:target: https://pypi.python.org/pypi/awacs
.. image:: https://travis-ci.org/cloudtools/awacs.png?branch=master
:target: https://travis-ci.org/cloudtools/awacs
.. image:: https://img.shields.io/pypi/l/awacs.svg
:target: https://opensource.org/licenses/BSD-2-Clause
About
=====
awacs - Amazon Web Access Control Subsystem
The awacs library allows for easier creation of AWS Access Policy
Language JSON by writing Python code to describe the AWS policies.
To facilitate catching policy format or JSON errors early the
library has property and type checking built into the classes.
**NOTE:** The old *awacs.aws.Policy* object is going to be deprecated in the
future, in preference for the *awacs.aws.PolicyDocument* class. This is due
to confusion that arises between the old object and *troposphere.iam.Policy*
objects.
Installation
============
awacs can be installed using the pip distribution system for python by
issuing:
.. code-block:: sh
$ pip install awacs
Alternatively, you can run use setup.py to install by cloning this repository
and issuing:
.. code-block:: sh
$ python setup.py install
Examples
========
An example to use this comes from the `AWS IAM`_ documentation.
This shows creating policy attached to an Amazon S3 bucket:
.. code-block:: python
from awacs.aws import Action, Allow, PolicyDocument, Principal, Statement
from awacs.iam import ARN as IAM_ARN
from awacs.s3 import ARN as S3_ARN
account = "123456789012"
user = "user/Bob"
pd = PolicyDocument(
Version="2012-10-17",
Id="S3-Account-Permissions",
Statement=[
Statement(
Sid="1",
Effect=Allow,
Principal=Principal("AWS", [IAM_ARN(user, '', account)]),
Action=[Action("s3", "*")],
Resource=[S3_ARN("my_corporate_bucket/*"),],
),
],
)
print(pd.to_json())
would produce this json policy:
.. code-block:: json
{
"Id": "S3-Account-Permissions",
"Statement": [
{
"Action": [
"s3:*"
],
"Effect": "Allow",
"Principal": [
{
"AWS": [
"arn:aws:iam::123456789012:user/Bob"
]
}
],
"Resource": [
"arn:aws:s3:::my_corporate_bucket/*"
],
"Sid": "1"
}
],
"Version": "2012-10-17"
}
Community
=========
We have a google group, cloudtools-dev_, where you can ask questions and
engage with the cloudtools/awacs community. Issues & pull requests are always
welcome!
.. _`AWS IAM`: http://docs.aws.amazon.com/IAM/latest/UserGuide/PoliciesOverview.html
.. _cloudtools-dev: https://groups.google.com/forum/#!forum/cloudtools-dev
Contributing new actions
========================
To update actions there is a generator tool which will scrape policies from
AWS's documentation resource and auto-generate new files.
The following commands can be run (with Python 3.7+) to update the repo:
.. code-block:: sh
$ python3 -m pip install -r scrape/requirements.txt
$ python3 -m pip install .
$ python3 ./scrape/scrape.py
$ git diff
Raw data
{
"_id": null,
"home_page": "https://github.com/cloudtools/awacs",
"name": "awacs",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.7.0",
"maintainer_email": "",
"keywords": "",
"author": "Mark Peek",
"author_email": "mark@peek.org",
"download_url": "https://files.pythonhosted.org/packages/3f/fc/a6c46e95967982836c69ac45698e113f3aea52ca35cd7f7ffa792ba7d2f9/awacs-2.4.1.tar.gz",
"platform": null,
"description": "=====\nawacs\n=====\n\n.. image:: https://img.shields.io/pypi/v/awacs.svg\n :target: https://pypi.python.org/pypi/awacs\n\n.. image:: https://travis-ci.org/cloudtools/awacs.png?branch=master\n :target: https://travis-ci.org/cloudtools/awacs\n\n.. image:: https://img.shields.io/pypi/l/awacs.svg\n :target: https://opensource.org/licenses/BSD-2-Clause\n\nAbout\n=====\n\nawacs - Amazon Web Access Control Subsystem\n\nThe awacs library allows for easier creation of AWS Access Policy\nLanguage JSON by writing Python code to describe the AWS policies.\nTo facilitate catching policy format or JSON errors early the\nlibrary has property and type checking built into the classes.\n\n**NOTE:** The old *awacs.aws.Policy* object is going to be deprecated in the\nfuture, in preference for the *awacs.aws.PolicyDocument* class. This is due\nto confusion that arises between the old object and *troposphere.iam.Policy*\nobjects.\n\n\nInstallation\n============\n\nawacs can be installed using the pip distribution system for python by\nissuing:\n\n.. code-block:: sh\n\n $ pip install awacs\n\nAlternatively, you can run use setup.py to install by cloning this repository\nand issuing:\n\n.. code-block:: sh\n\n $ python setup.py install\n\nExamples\n========\n\nAn example to use this comes from the `AWS IAM`_ documentation.\nThis shows creating policy attached to an Amazon S3 bucket:\n\n.. code-block:: python\n\n from awacs.aws import Action, Allow, PolicyDocument, Principal, Statement\n from awacs.iam import ARN as IAM_ARN\n from awacs.s3 import ARN as S3_ARN\n\n account = \"123456789012\"\n user = \"user/Bob\"\n\n pd = PolicyDocument(\n Version=\"2012-10-17\",\n Id=\"S3-Account-Permissions\",\n Statement=[\n Statement(\n Sid=\"1\",\n Effect=Allow,\n Principal=Principal(\"AWS\", [IAM_ARN(user, '', account)]),\n Action=[Action(\"s3\", \"*\")],\n Resource=[S3_ARN(\"my_corporate_bucket/*\"),],\n ),\n ],\n )\n print(pd.to_json())\n\nwould produce this json policy:\n\n.. code-block:: json\n\n {\n \"Id\": \"S3-Account-Permissions\", \n \"Statement\": [\n {\n \"Action\": [\n \"s3:*\"\n ], \n \"Effect\": \"Allow\", \n \"Principal\": [\n {\n \"AWS\": [\n \"arn:aws:iam::123456789012:user/Bob\"\n ]\n }\n ], \n \"Resource\": [\n \"arn:aws:s3:::my_corporate_bucket/*\"\n ], \n \"Sid\": \"1\"\n }\n ], \n \"Version\": \"2012-10-17\"\n }\n\nCommunity\n=========\n\nWe have a google group, cloudtools-dev_, where you can ask questions and\nengage with the cloudtools/awacs community. Issues & pull requests are always\nwelcome!\n\n.. _`AWS IAM`: http://docs.aws.amazon.com/IAM/latest/UserGuide/PoliciesOverview.html\n.. _cloudtools-dev: https://groups.google.com/forum/#!forum/cloudtools-dev\n\nContributing new actions\n========================\n\nTo update actions there is a generator tool which will scrape policies from\nAWS's documentation resource and auto-generate new files.\nThe following commands can be run (with Python 3.7+) to update the repo:\n\n.. code-block:: sh\n\n $ python3 -m pip install -r scrape/requirements.txt\n $ python3 -m pip install .\n $ python3 ./scrape/scrape.py\n $ git diff\n",
"bugtrack_url": null,
"license": "New BSD license",
"summary": "AWS Access Policy Language creation library",
"version": "2.4.1",
"project_urls": {
"Changelog": "https://github.com/cloudtools/awacs/blob/master/CHANGELOG.md",
"Homepage": "https://github.com/cloudtools/awacs",
"Source": "https://github.com/cloudtools/awacs",
"Tracker": "https://github.com/cloudtools/awacs/issues"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "0f5a533a0406d0de3662cb3ea70dc66b0a5f671b6ee00afabf2876c6412c68a0",
"md5": "86807c2ca8dc45776e76a9d261c8a5e2",
"sha256": "8c54470f6a2d45de1ec2907417b46f791e44bf6e7d2d5a581ca1d5153b3ea9e6"
},
"downloads": -1,
"filename": "awacs-2.4.1-py3-none-any.whl",
"has_sig": false,
"md5_digest": "86807c2ca8dc45776e76a9d261c8a5e2",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7.0",
"size": 354689,
"upload_time": "2023-12-22T23:48:04",
"upload_time_iso_8601": "2023-12-22T23:48:04.555665Z",
"url": "https://files.pythonhosted.org/packages/0f/5a/533a0406d0de3662cb3ea70dc66b0a5f671b6ee00afabf2876c6412c68a0/awacs-2.4.1-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "3ffca6c46e95967982836c69ac45698e113f3aea52ca35cd7f7ffa792ba7d2f9",
"md5": "6ad97f54f1ca3b3fefdca791cf2ed736",
"sha256": "b0da356ae56374ea872c6cdb00946bb22e9cd817c3f3ad6b008019e3a45d8040"
},
"downloads": -1,
"filename": "awacs-2.4.1.tar.gz",
"has_sig": false,
"md5_digest": "6ad97f54f1ca3b3fefdca791cf2ed736",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7.0",
"size": 183775,
"upload_time": "2023-12-22T23:48:07",
"upload_time_iso_8601": "2023-12-22T23:48:07.164784Z",
"url": "https://files.pythonhosted.org/packages/3f/fc/a6c46e95967982836c69ac45698e113f3aea52ca35cd7f7ffa792ba7d2f9/awacs-2.4.1.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-12-22 23:48:07",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "cloudtools",
"github_project": "awacs",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"tox": true,
"lcname": "awacs"
}
JSON
