Scanner for the KMS rules engine.

class KMSScanner(global_configs, scanner_configs, service_config, model_name, snapshot_timestamp, rules)[source]


Scanner for CryptoKeys data.

_abc_cache = <_weakrefset.WeakSet object>
_abc_negative_cache = <_weakrefset.WeakSet object>
_abc_negative_cache_version = 214
_abc_registry = <_weakrefset.WeakSet object>

Find violations in the policies.

Parameters:keys (list) – CryptoKeys to find violations in.
Returns:All violations.
Return type:list
static _flatten_violations(violations)[source]

Flatten RuleViolations into a dict for each RuleViolation member.

Parameters:violations (list) – The RuleViolations to flatten.
Yields:dict – Iterator of RuleViolations as a dict per member.

Output results.

Parameters:all_violations (list) – All violations.

Runs the data collection.

Returns:CryptoKey objects.
Return type:list
Raises:ValueError – if resources have an unexpected type.

Run, the entry point for this scanner.