in cfn_policy_validator/validation/validator.py [0:0]
def build_configuration(self, resource):
    """Build the configuration mapping for one S3 access point resource.

    The access point policy is paired with a placeholder bucket so that the
    access point can be evaluated independently of any real bucket.

    Args:
        resource: object exposing ``Policy.Policy`` (the access point policy
            document), ``Configuration`` (``None`` or a mapping that may hold
            ``'VpcId'``) and ``ResourceName``.

    Returns:
        A dict with a single key, the placeholder bucket ARN, whose value
        carries the JSON-encoded bucket policy and the access point entry
        (JSON-encoded access point policy plus its network origin).
    """
    # NOTE(review): the key names look like the S3 bucket configuration of an
    # IAM Access Analyzer access preview - confirm against the caller.
    access_point_policy = json.dumps(resource.Policy.Policy)

    # The access point is evaluated on its own, so the bucket name is
    # irrelevant; a random UUID serves as a stand-in.
    bucket_name = str(uuid.uuid4())
    bucket_policy = json.dumps(self.build_bucket_policy(bucket_name))

    # Without an explicit VpcId the access point is modelled as reachable
    # from the internet, which is the broader of the two network origins.
    configuration = resource.Configuration
    if configuration is not None and 'VpcId' in configuration:
        network_origin = {'vpcConfiguration': {'vpcId': configuration['VpcId']}}
    else:
        network_origin = {'internetConfiguration': {}}

    bucket_arn = f'arn:{self.partition}:s3:::{bucket_name}'
    access_point_arn = (
        f'arn:{self.partition}:s3:{self.region}:{self.account_id}:accesspoint/{resource.ResourceName}'
    )

    access_point_entry = {
        'accessPointPolicy': access_point_policy,
        'networkOrigin': network_origin,
    }
    return {
        bucket_arn: {
            's3Bucket': {
                'accessPoints': {access_point_arn: access_point_entry},
                'bucketPolicy': bucket_policy,
            }
        }
    }