o g@s0ddlmZddlmZmZddZddZdS)) defaultdict) is_arn_match expand_actioncCs t|d}d|d|dS)Nrz{}:{}serviceaction)rformat) operationdatar l/home/ubuntu/cloudmapper/venv/lib/python3.10/site-packages/parliament/community_auditors/sensitive_access.py_expand_actions r c Cs|}z |jdd}Wn tyi}Ynwtt}|D]}t|d}t|}t|d}|||qi}|D]}t|}| d\} } | | | ||<qA|D] }||D]} ||D]} t d| | rw|j d| |ddqeq_qYdS)NSENSITIVE_ACCESS resourcesr:object)resourceactions)location) get_allowed_actionsconfigKeyErrorrlistkeysr valuesextendsplitget_allowed_resourcesr add_finding) policyallowed_actionsconfig_resourcessensitive_resourcesitemrexpanded_actionraction_resourcesrraction_resourcesensitive_resourcer r r audit s>     r'N) collectionsr parliamentrrr r'r r r r s