🗓 Feb 3, 2023 5:45:14 PM

🚀 azure policies updated
✨ new azure policies added

aws/policy/apigatewayv2.go

@@ -0,0 +1,99 @@
+package policy
+
+// APIGatewayV2Policies policy
+var APIGatewayV2Policies = map[string]Service{
+	"GetApis": {
+		Method:        "GET",
+		ServiceSuffix: "v2/apis",
+		Permission:    "GetApis",
+	},
+	"GetDomainNames": {
+		Method:        "GET",
+		ServiceSuffix: "v2/domainnames",
+		Permission:    "GetDomainNames",
+	},
+	"GetVpcLinks": {
+		Method:        "GET",
+		ServiceSuffix: "v2/vpclinks",
+		Permission:    "GetVpcLinks",
+	},
+
+	// extra
+	"GetApi": {
+		ServiceSuffix:          "/v2/apis/{{.api_id}}",
+		Permission:             "GetApi",
+		ExtraComponentLocation: "path",
+		IsExtra:                true,
+		ExtraCommandLineFlag:   "api_id",
+	},
+	"GetApiMappings": {
+		ServiceSuffix:          "/v2/domainnames/{{.domain_name}}/apimappings",
+		Permission:             "GetApiMappings",
+		ExtraComponentLocation: "path",
+		IsExtra:                true,
+		ExtraCommandLineFlag:   "domain_name",
+	},
+	"GetAuthorizers": {
+		ServiceSuffix:          "/v2/apis/{{.api_id}}/authorizers",
+		Permission:             "GetAuthorizers",
+		ExtraComponentLocation: "path",
+		IsExtra:                true,
+		ExtraCommandLineFlag:   "api_id",
+	},
+	"GetDeployments": {
+		ServiceSuffix:          "/v2/apis/{{.api_id}}/deployments",
+		Permission:             "GetDeployments",
+		ExtraComponentLocation: "path",
+		IsExtra:                true,
+		ExtraCommandLineFlag:   "api_id",
+	},
+	"GetDomainName": {
+		ServiceSuffix:          "/v2/domainnames/{{.domain_name}}",
+		Permission:             "GetDomainName",
+		ExtraComponentLocation: "path",
+		IsExtra:                true,
+		ExtraCommandLineFlag:   "domain_name",
+	},
+	"GetIntegrations": {
+		ServiceSuffix:          "/v2/apis/{{.api_id}}/integrations",
+		Permission:             "GetIntegrations",
+		ExtraComponentLocation: "path",
+		IsExtra:                true,
+		ExtraCommandLineFlag:   "api_id",
+	},
+	"GetModels": {
+		ServiceSuffix:          "/v2/apis/{{.api_id}}/models",
+		Permission:             "GetModels",
+		ExtraComponentLocation: "path",
+		IsExtra:                true,
+		ExtraCommandLineFlag:   "api_id",
+	},
+	"GetRoutes": {
+		ServiceSuffix:          "/v2/apis/{{.api_id}}/routes",
+		Permission:             "GetRoutes",
+		ExtraComponentLocation: "path",
+		IsExtra:                true,
+		ExtraCommandLineFlag:   "api_id",
+	},
+	"GetStages": {
+		ServiceSuffix:          "/v2/apis/{{.api_id}}/stages",
+		Permission:             "GetStages",
+		ExtraComponentLocation: "path",
+		IsExtra:                true,
+		ExtraCommandLineFlag:   "api_id",
+	},
+	"GetTags": {
+		ServiceSuffix:          "/v2/tags/{{.resource_arn}}",
+		Permission:             "GetTags",
+		ExtraComponentLocation: "path",
+		IsExtra:                true,
+		ExtraCommandLineFlag:   "resource_arn",
+	},
+	"GetVpcLink": {
+		ServiceSuffix:          "/v2/vpclinks/{{.vpc_link_id}}",
+		Permission:             "GetVpcLink",
+		ExtraComponentLocation: "path",
+		IsExtra:                true,
+		ExtraCommandLineFlag:   "vpc_link_id",
+	},
+}

aws/policy/iot_graph.go

@@ -0,0 +1,189 @@
+package policy
+
+import "github.com/securisec/cliam/shared"
+
+// IOTGraphPolicies policy
+var IOTGraphPolicies = map[string]Service{
+	"DeploySystemInstance": {
+		Method:   "POST",
+		JsonData: map[string]string{},
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.DeploySystemInstance",
+		},
+		Permission: "DeploySystemInstance",
+	},
+	"DescribeNamespace": {
+		Method:   "POST",
+		JsonData: map[string]string{},
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.DescribeNamespace",
+		},
+		Permission: "DescribeNamespace",
+	},
+	"GetNamespaceDeletionStatus": {
+		Method:   "POST",
+		JsonData: map[string]string{},
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.GetNamespaceDeletionStatus",
+		},
+		Permission: "GetNamespaceDeletionStatus",
+	},
+	"SearchFlowTemplates": {
+		Method:   "POST",
+		JsonData: map[string]string{},
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.SearchFlowTemplates",
+		},
+		Permission: "SearchFlowTemplates",
+	},
+	"SearchSystemInstances": {
+		Method:   "POST",
+		JsonData: map[string]string{},
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.SearchSystemInstances",
+		},
+		Permission: "SearchSystemInstances",
+	},
+	"SearchSystemTemplates": {
+		Method:   "POST",
+		JsonData: map[string]string{},
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.SearchSystemTemplates",
+		},
+		Permission: "SearchSystemTemplates",
+	},
+	"UndeploySystemInstance": {
+		Method:   "POST",
+		JsonData: map[string]string{},
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.UndeploySystemInstance",
+		},
+		Permission: "UndeploySystemInstance",
+	},
+	"UploadEntityDefinitions": {
+		Method:   "POST",
+		JsonData: map[string]string{},
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.UploadEntityDefinitions",
+		},
+		Permission: "UploadEntityDefinitions",
+	},
+
+	// extra
+	"GetEntities": {
+		Method: "POST",
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.GetEntities",
+		},
+		Permission:             "GetEntities",
+		IsExtra:                true,
+		ExtraComponentBodyKey:  "ids",
+		ExtraComponentLocation: "json",
+		ExtraCommandLineFlag:   "ids",
+	},
+	"GetFlowTemplate": {
+		Method: "POST",
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.GetFlowTemplate",
+		},
+		Permission:             "GetFlowTemplate",
+		IsExtra:                true,
+		ExtraComponentBodyKey:  "id",
+		ExtraComponentLocation: "json",
+		ExtraCommandLineFlag:   "id",
+	},
+	"GetFlowTemplateRevisions": {
+		Method: "POST",
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.GetFlowTemplateRevisions",
+		},
+		Permission:             "GetFlowTemplateRevisions",
+		IsExtra:                true,
+		ExtraComponentBodyKey:  "id",
+		ExtraComponentLocation: "json",
+		ExtraCommandLineFlag:   "id",
+	},
+	"GetSystemInstance": {
+		Method: "POST",
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.GetSystemInstance",
+		},
+		Permission:             "GetSystemInstance",
+		IsExtra:                true,
+		ExtraComponentBodyKey:  "id",
+		ExtraComponentLocation: "json",
+		ExtraCommandLineFlag:   "id",
+	},
+	"GetSystemTemplate": {
+		Method: "POST",
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.GetSystemTemplate",
+		},
+		Permission:             "GetSystemTemplate",
+		IsExtra:                true,
+		ExtraComponentBodyKey:  "id",
+		ExtraComponentLocation: "json",
+		ExtraCommandLineFlag:   "id",
+	},
+	"GetSystemTemplateRevisions": {
+		Method: "POST",
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.GetSystemTemplateRevisions",
+		},
+		Permission:             "GetSystemTemplateRevisions",
+		IsExtra:                true,
+		ExtraComponentBodyKey:  "id",
+		ExtraComponentLocation: "json",
+		ExtraCommandLineFlag:   "id",
+	},
+	"GetUploadStatus": {
+		Method: "POST",
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.GetUploadStatus",
+		},
+		Permission:             "GetUploadStatus",
+		IsExtra:                true,
+		ExtraComponentBodyKey:  "uploadId",
+		ExtraComponentLocation: "json",
+		ExtraCommandLineFlag:   "upload_id",
+	},
+	"ListFlowExecutionMessages": {
+		Method: "POST",
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.ListFlowExecutionMessages",
+		},
+		Permission:             "ListFlowExecutionMessages",
+		IsExtra:                true,
+		ExtraComponentBodyKey:  "flowExecutionId",
+		ExtraComponentLocation: "json",
+		ExtraCommandLineFlag:   "flow_execution_id",
+	},
+	"ListTagsForResource": {
+		Method: "POST",
+		Headers: map[string]string{
+			shared.CONTENT_TYPE_HEADER: aws_JSON_1_1,
+			aws_X_AMZ_TARGET:           "IotThingsGraphFrontEndService.ListTagsForResource",
+		},
+		Permission:             "ListTagsForResource",
+		IsExtra:                true,
+		ExtraComponentBodyKey:  "resourceArn",
+		ExtraComponentLocation: "json",
+		ExtraCommandLineFlag:   "resource_arn",
+	},
+}