INFRA-4009 | Ankit Bhardwaj | add validation for restrictive policy (#723)

Ankit Bhardwaj Bhardwaj
2024-11-20 15:39:46 +05:30
committed by GitHub
parent 2ab3117047
commit 54639c71a1


@@ -30,12 +30,15 @@ function isS3WildcardAction(action: string | string[]): boolean {
function createContextError(context: any, message: string): boolean {
return context.createError({ message });
}
function isPrincipalRestrictive(principal: any): boolean {
return principal === '*' || principal?.AWS === '*' || principal?.AWS?.includes('*');
}
function isStatementTooRestrictive(statements: any): boolean {
return statements.some(
(statement: any) =>
statement.Principal === '*' &&
statement.Effect === 'Deny' &&
isPrincipalRestrictive(statement.Principal) &&
isS3WildcardAction(statement.Action),
);
}
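Review bot: In `isPrincipalRestrictive`, the last clause `principal?.AWS?.includes('*')` also runs when `AWS` is a plain string, where `includes` is a substring match, so any principal string that merely contains `*` is treated as a wildcard. The expression also evaluates to `undefined` rather than `false` for a principal object with no `AWS` key, although the function is declared to return `boolean`. Limiting the clause to arrays fixes both: `const aws = principal?.AWS;` followed by `return principal === '*' || aws === '*' || (Array.isArray(aws) && aws.includes('*'));`. The helper tests for a wildcard principal, so a name like `isWildcardPrincipal` would match `isS3WildcardAction` and read less ambiguously. Nothing visible in this hunk looks at `Condition`, so a conditional deny-all such as a TLS-only rule would presumably be rejected as too restrictive as well; worth confirming that is intended.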