pre-commit/pre-commit-hooks
1
0
Fork 0
mirror of https://github.com/pre-commit/pre-commit-hooks.git synced 2026-03-31 02:36:52 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
pre-commit-hooks/pre_commit_hooks/check_iam.py
Bryce Wade bf42103d47 Adding check-iam check
2023-01-23 13:16:19 -06:00

40 lines
1.2 KiB
Python
Raw Blame History

import argparse
import hcl2
# from typing import Any
from typing import Sequence
def main(argv: Sequence[str] | None = None) -> int:
parser = argparse.ArgumentParser()
parser.add_argument('filenames', nargs='*', help='Filenames to check.')
args = parser.parse_args(argv)
retval = 0
for filename in args.filenames:
if filename == "iam.tf":
continue
with open(filename, 'rb') as f:
try:
dict = hcl2.load(f)
except ValueError as exc:
print(f'{filename}: Failed to hcl decode ({exc})')
retval = 1
resources = data.get('resource')
if resources:
for item in resources:
for keys in item:
if key.startswith("aws_iam"):
print(f'{filename}: Has {key} resource')
retval = 1
resources = data.get('data')
if resources:
for item in resources:
for keys in item:
if key.startswith("aws_iam"):
print(f'{filename}: Has {key} data resource')
retval = 1
return retval
if __name__ == '__main__':
raise SystemExit(main())
Reference in a new issue View git blame Copy permalink