Scanner for the role rules engine.

class RoleScanner(global_configs, scanner_configs, service_config, model_name, snapshot_timestamp, rules)[source]


Scanner for role.

_abc_cache = <_weakrefset.WeakSet object>
_abc_negative_cache = <_weakrefset.WeakSet object>
_abc_negative_cache_version = 214
_abc_registry = <_weakrefset.WeakSet object>

Find violations in the resources with role policies.

Parameters:resources (list) – List of custom roles.
Returns:All violations.
Return type:list
static _flatten_violations(violations)[source]

Flatten RuleViolations into a dict for each RuleViolation member.

Parameters:violations (list) – The RuleViolations to flatten.
Yields:dict – Iterator of RuleViolations as a dict per member.

Output results.

Parameters:all_violations (list) – All violations.

Retrieves the data for scanner.

Returns:a list of custom Roles, no curated roles.
Return type:list

Run, the entry point for this scanner.