How to use get_account_password_policy method in localstack

Best Python code snippet using localstack_python

test_password_policy.py

Source:test_password_policy.py

...29        # A series of tests to check the password policy API30        iam = boto.connect_iam()31        # First preserve what is the current password policy32        try:33            initial_policy_result = iam.get_account_password_policy()34        except boto.exception.BotoServerError as srv_error:35            initial_policy = None36            if srv_error.status != 404:37                raise srv_error38        # Update the policy and check it back39        test_min_length = 8840        iam.update_account_password_policy(minimum_password_length=test_min_length)41        new_policy = iam.get_account_password_policy()42        new_min_length = new_policy['get_account_password_policy_response']\43                                        ['get_account_password_policy_result']['password_policy']\44                                        ['minimum_password_length']45        if test_min_length != int(new_min_length):46            raise Exception("Failed to update account password policy")47        # Delete the policy and check the correct deletion48        test_policy = ''49        iam.delete_account_password_policy()50        try:51            test_policy = iam.get_account_password_policy()52        except boto.exception.BotoServerError as srv_error:53            test_policy = None54            if srv_error.status != 404:55                raise srv_error56        if test_policy is not None:57            raise Exception("Failed to delete account password policy")58        # Restore initial account password policy59        if initial_policy:60            p = initial_policy['get_account_password_policy_response']\61                    ['get_account_password_policy_result']['password_policy']62            iam.update_account_password_policy(minimum_password_length=int(p['minimum_password_length']),63                                                allow_users_to_change_password=bool(p['allow_users_to_change_password']),64                                                hard_expiry=bool(p['hard_expiry']),65                                                max_password_age=int(p['max_password_age']),...

iam.py

Source:iam.py

...20        except ClientError as e:21            if e.response['Error']['Code'] == 'NoSuchEntity':22                continue23    return dict(LoginProfiles=login_profiles)24def get_account_password_policy(region, account, *args, **kwargs):25    '''26    orgcrawler -r OrganizationAccountAccessRole --service iam orgcrawler.untested_payload.iam.get_account_password_policy27    '''28    client = boto3.client('iam', region_name=region, **account.credentials)29    try:30        response = client.get_account_password_policy()31        response.pop('ResponseMetadata')32        return response33    except ClientError as e:34        if e.response['Error']['Code'] == 'NoSuchEntity':35            return dict(PasswordPolicy={})36        else:37            e.response.pop('ResponseMetadata')38            return e.response39def update_account_password_policy(region, account, dryrun=True, policy_attributes=None):40    '''41    orgcrawler -r OrganizationAccountAccessRole --service iam orgcrawler.untested_payload.iam.update_account_password_policy True42    '''43    client = boto3.client('iam', region_name=region, **account.credentials)44    '''45    print('dryrun:',dryrun)46    print('policy_attributes:',policy_attributes)47    '''48    cis_standard = {49        'MinimumPasswordLength': 8,50        'RequireSymbols': True,51        'RequireNumbers': True,52        'RequireUppercaseCharacters': True,53        'RequireLowercaseCharacters': True,54        'AllowUsersToChangePassword': True,55        'MaxPasswordAge': 180,56        'PasswordReusePrevention': 24,57        'HardExpiry': False,58    }59    if policy_attributes is None:60        policy_attributes = cis_standard61    if dryrun is True:62        current_state = get_account_password_policy(region, account)63        return dict(Dryrun={64            'CurrentPasswordPolicy': current_state.get('PasswordPolicy'),65            'ProposedPasswordPolicy': policy_attributes,66        })67    else:68        try:69            response = client.update_account_password_policy(**policy_attributes)70            return dict(HTTPStatusCode=response['ResponseMetadata']['HTTPStatusCode'])71        except ClientError as e:72            e.response.pop('ResponseMetadata')73            return e.response74def delete_account_password_policy(region, account, dryrun=True):75    '''76    orgcrawler -r OrganizationAccountAccessRole --service iam orgcrawler.untested_payload.iam.delete_account_password_policy...

IAM_001.py

Source:IAM_001.py

...19    response = iam.list_account_aliases()20    return response['AccountAliases'][0]212223def get_account_password_policy():24    try:25        response = iam.get_account_password_policy()26        return response['PasswordPolicy']27    except Exception as e:28        if "cannot be found" in str(e):29            return False303132def evaluate_compliance(passwordpolicy):33    if passwordpolicy is False:34        return 'NON_COMPLIANT'35    else:36        if passwordpolicy['RequireNumbers'] is False:37            return 'NON_COMPLIANT'3839    return 'COMPLIANT'404142def lambda_handler(event, context):43    result_token = 'No token found.'44    if 'resultToken' in event:45        result_token = event['resultToken']4647    passwordpolicy = get_account_password_policy()48    compliance_type = evaluate_compliance(passwordpolicy)4950    # Print result for easy debugging51    print(compliance_type)5253    config = boto3.client('config')54    config.put_evaluations(55        Evaluations=[{56            'ComplianceResourceType':57            "AWS::::Account",58                'ComplianceResourceId':59                    get_account_alias(),60                'ComplianceType':61                    compliance_type,
...

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.