zachlankton · April 26, 2024 11:49
diff --git a/find_policy_with_action.py b/find_policy_with_action.py
 import boto3

 iam = boto3.client('iam')

 def find_policies_with_action(action):
    policies = iam.list_policies()['Policies']
    for policy in policies:
        policy_arn = policy['Arn']
        default_version_id = policy['DefaultVersionId']
        policy_version = iam.get_policy_version(PolicyArn=policy_arn, VersionId=default_version_id)
        policy_document = policy_version['PolicyVersion']['Document']
        if 'Statement' in policy_document:
            statements = policy_document['Statement']
            if isinstance(statements, dict):
                statements = [statements]  # Convert single statement object to a list
            for statement in statements:
                if 'Action' in statement:
                    actions = statement['Action']
                    if isinstance(action, list):
                        if any(action in res for res in actions):
                            print(f"Policy: {policy['PolicyName']} (Action: {policy_arn})")
                            break
                    elif isinstance(actions, str):
                        if action in actions:
                            print(f"Policy: {policy['PolicyName']} (Action: {policy_arn})")
                            break

 # Example usage
 find_policies_with_action('sts:AssumeRole')
diff --git a/find_policy_with_resource.py b/find_policy_with_resource.py
 import boto3

 iam = boto3.client('iam')

 def find_policies_with_arn(arn):
    policies = iam.list_policies()['Policies']
    for policy in policies:
        policy_arn = policy['Arn']
        default_version_id = policy['DefaultVersionId']
        policy_version = iam.get_policy_version(PolicyArn=policy_arn, VersionId=default_version_id)
        policy_document = policy_version['PolicyVersion']['Document']
        if 'Statement' in policy_document:
            statements = policy_document['Statement']
            if isinstance(statements, dict):
                statements = [statements]  # Convert single statement object to a list
            for statement in statements:
                if 'Resource' in statement:
                    resource = statement['Resource']
                    if isinstance(resource, list):
                        if any(arn in res for res in resource):
                            print(f"Policy: {policy['PolicyName']} (ARN: {policy_arn})")
                            break
                    elif isinstance(resource, str):
                        if arn in resource:
                            print(f"Policy: {policy['PolicyName']} (ARN: {policy_arn})")
                            break

 # Example usage
 find_policies_with_arn('arn:aws:secretsmanager')
	import boto3

	iam = boto3.client('iam')

	def find_policies_with_action(action):
	policies = iam.list_policies()['Policies']
	for policy in policies:
	policy_arn = policy['Arn']
	default_version_id = policy['DefaultVersionId']
	policy_version = iam.get_policy_version(PolicyArn=policy_arn, VersionId=default_version_id)
	policy_document = policy_version['PolicyVersion']['Document']
	if 'Statement' in policy_document:
	statements = policy_document['Statement']
	if isinstance(statements, dict):
	statements = [statements] # Convert single statement object to a list
	for statement in statements:
	if 'Action' in statement:
	actions = statement['Action']
	if isinstance(action, list):
	if any(action in res for res in actions):
	print(f"Policy: {policy['PolicyName']} (Action: {policy_arn})")
	break
	elif isinstance(actions, str):
	if action in actions:
	print(f"Policy: {policy['PolicyName']} (Action: {policy_arn})")
	break

	# Example usage
	find_policies_with_action('sts:AssumeRole')
	import boto3

	iam = boto3.client('iam')

	def find_policies_with_arn(arn):
	policies = iam.list_policies()['Policies']
	for policy in policies:
	policy_arn = policy['Arn']
	default_version_id = policy['DefaultVersionId']
	policy_version = iam.get_policy_version(PolicyArn=policy_arn, VersionId=default_version_id)
	policy_document = policy_version['PolicyVersion']['Document']
	if 'Statement' in policy_document:
	statements = policy_document['Statement']
	if isinstance(statements, dict):
	statements = [statements] # Convert single statement object to a list
	for statement in statements:
	if 'Resource' in statement:
	resource = statement['Resource']
	if isinstance(resource, list):
	if any(arn in res for res in resource):
	print(f"Policy: {policy['PolicyName']} (ARN: {policy_arn})")
	break
	elif isinstance(resource, str):
	if arn in resource:
	print(f"Policy: {policy['PolicyName']} (ARN: {policy_arn})")
	break

	# Example usage
	find_policies_with_arn('arn:aws:secretsmanager')