Bot releases are hidden (Show)
Security updates, and changes to iam_definition
What's Changed
- chore: update iam_definition on 2024-03-13 by @ChrisTowles in https://github.com/duo-labs/parliament/pull/239
- Add a realistic user-agent to avoid WAF for util by @iann0036 in https://github.com/duo-labs/parliament/pull/242
- Bump requests from 2.28.1 to 2.31.0 by @dependabot in https://github.com/duo-labs/parliament/pull/231
- Bump certifi from 2022.6.15 to 2023.7.22 by @dependabot in https://github.com/duo-labs/parliament/pull/234
- Bump idna from 3.3 to 3.7 by @dependabot in https://github.com/duo-labs/parliament/pull/243
- Bump urllib3 from 1.26.12 to 1.26.19 by @dependabot in https://github.com/duo-labs/parliament/pull/245
- Bump requests from 2.31.0 to 2.32.2 by @dependabot in https://github.com/duo-labs/parliament/pull/246
- Show how to update iam_definition.json by @iainelder in https://github.com/duo-labs/parliament/pull/240
New Contributors
- @ChrisTowles made their first contribution in https://github.com/duo-labs/parliament/pull/239
- @iann0036 made their first contribution in https://github.com/duo-labs/parliament/pull/242
- @iainelder made their first contribution in https://github.com/duo-labs/parliament/pull/240
Full Changelog: https://github.com/duo-labs/parliament/compare/1.6.2...1.63
Published by 0xdabbad00 over 1 year ago
Updates IAM definition
Published by 0xdabbad00 about 2 years ago
- Bumps up size of lru_cache for a large speed improvement
- Adds more global variables
- Fixes unit tests
Published by 0xdabbad00 about 2 years ago
- Updates IAM definition
- Updates requirements.txt
- Uses pytest now for unit tests as nose is deprecated
- Minor bug fix from https://github.com/duo-labs/parliament/pull/211
- Minor feature to allow exceptions to be swallowed
Published by 0xdabbad00 almost 3 years ago
Undo attempted bug fix
Published by 0xdabbad00 almost 3 years ago
Bug fix
Published by 0xdabbad00 almost 3 years ago
- Updates IAM data
- Adds community auditor SINGLE_VALUE_CONDITION_TOO_PERMISSIVE for this confusing aspect of IAM described here thanks to @patrobinson
- Adds RESOURCE_EFFECTIVELY_STAR for when the resource contains more than
*but is still effectively*thanks to @raghavkaul - Bug fix: --directory option works again thanks to @frek818
Published by 0xdabbad00 about 3 years ago
- Update IAM data
Published by 0xdabbad00 over 3 years ago
- Updates IAM data
- Add stricter checking to resource attributes #177 - thanks @briandbecker!
- Fixes --aws-managed-policies and --auth-details-file which were breaking due to json-cfg #175 - thanks @RyanJarv!
- Updated AWS principal regex to allow CloudFront OAI ARNs, added a test #174 - thanks @seth-carroll!
Published by 0xdabbad00 over 3 years ago
- Updates IAM data
- Validate use of NotResource and NotAction based on AWS best practices via #166 from @raghavkaul
- Find all unknown Actions and unknown Prefixes in a Statement via #165 from @raghavkaul
Published by 0xdabbad00 almost 4 years ago
- Bug fix from @piax93 where
node_existswas being called but did not exist (#158) - Bug fix from @KevinHock where an
INVALID_ARNwas causing other findings to incorrectly occur (#159) - Readme now references https://github.com/z0ph/aws_managed_policies and @KevinHock also made some spelling fixes.
- Updates IAM data
Published by 0xdabbad00 almost 4 years ago
The AWS doc format changed (#155) so this fixes that and updates the IAM data.
Published by 0xdabbad00 almost 4 years ago
Updates IAM.
Fixes #153 (an issue with NotAction) via #151 by @danielpops
Published by 0xdabbad00 about 4 years ago
Updates IAM data
Published by 0xdabbad00 about 4 years ago
Bug fixes related to identifying the line numbers for locations from #143 and #142.
Published by 0xdabbad00 about 4 years ago
Findings now include line numbers and column via #139. This changes the location field so it no longer attempts to just identify the Statement.
This isn't exactly a huge change, but I should have bumped this project to 1.0 a long time ago.
Also a bug fix for ignoring AWS policies via #136
Published by 0xdabbad00 over 4 years ago
This improves the RESOURCE_STAR finding via #132 by @dgubitosi, such that given ec2:Create* on Resource *, it will call out specifically which actions from that expansion could have more fine-grained resources, as opposed to just telling you ec2:Create* is bad.
Also updates the privilege info.
Published by 0xdabbad00 over 4 years ago
- IAM data updated
- Python 3.6 or above is now enforced thanks to @michael-k and @dgubitosi in #121
- Parliament no longer crashes when it encounters CloudFormation concepts in policies that are not proper IAM thanks to @michael-k in #124
- New community auditor that takes user-provided config values and checks policies for presence of sensitive action/resource thanks to @xen0l in #114
From now on for the version that is formatted as major.minor.patch. I'm going to bump the minor version whenever new functionality is added. I'll bump the patch if the update is only for IAM definition or a bug.
Published by 0xdabbad00 over 4 years ago
Reference added to statements to keep track of what policy they are from (#115). Use by CloudMapper's access_check command.
Published by 0xdabbad00 over 4 years ago
Improved performance from PR #110 by @yoava333 magically makes Parliament run up to 100x faster!
Updated privilege info in #113.