in cfn_policy_validator/parsers/identity.py [0:0]
def parse(cls, template, account_config):
    """Parse the identity resources of a template and return what the parsers collected.

    Every resource whose ``Type`` has an entry in the parser table below is
    handed to that parser together with its logical name. Resources of any
    other type are skipped without a log line, so policies attached to
    unlisted types are not part of the result.

    Returns:
        A 5-tuple of lists: roles, users, groups, permission sets and the
        orphaned policies reported by ``cls.get_orphaned_policies()``.
    """
    # One parser per supported resource type.
    parsers_by_type = {
        'AWS::IAM::Role': RoleParser(account_config.region),
        'AWS::IAM::Policy': InlinePolicyParser(),
        'AWS::IAM::ManagedPolicy': ManagedPolicyParser(account_config),
        'AWS::IAM::User': UserParser(account_config.region),
        'AWS::IAM::Group': GroupParser(account_config.region),
        'AWS::SSO::PermissionSet': PermissionSetParser(account_config.region)
    }

    # Resources are visited in topologically sorted order, which lets
    # dependent resources be processed first.
    for resource in TopologicalSorter(template).sort_resources():
        resource_type = resource.value['Type']
        parser = parsers_by_type.get(resource_type)
        if parser is None:
            # Not an identity resource handled here.
            continue

        LOGGER.info(f'Parsing resource type {resource_type} with logical name {resource.logical_name}..')
        parser.parse(resource.logical_name, resource.value)

    orphaned_policies = cls.get_orphaned_policies()

    # NOTE(review): the results are read from class-level attributes rather
    # than from the parser instances built above. Presumably the constructors
    # reset them; if not, entries from an earlier parse() call would be
    # reported again here - confirm.
    roles = list(RoleParser.roles.values())
    users = list(UserParser.users.values())
    groups = list(GroupParser.groups.values())
    permission_sets = list(PermissionSetParser.permission_sets.values())
    return roles, users, groups, permission_sets, orphaned_policies