Skip to content

Commit

Permalink
fix: NoneType object is not iterable
Browse files Browse the repository at this point in the history
  • Loading branch information
@HugoPBrito
HugoPBrito committed Jan 23, 2025
1 parent ad189b3 commit ffdb4d3
Showing 1 changed file with 15 additions and 12 deletions.
27 changes: 15 additions & 12 deletions ...udwatch_log_group_not_publicly_accessible/cloudwatch_log_group_not_publicly_accessible.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,18 +12,21 @@ def execute(self):
and logs_client.log_groups is not None
):
for resource_policies in logs_client.resource_policies.values():
for resource_policy in resource_policies:
if is_policy_public(
resource_policy.policy, logs_client.audited_account
):
for statement in resource_policy.policy.get("Statement", []):
public_resources = statement.get("Resource", [])
if isinstance(public_resources, str):
public_resources = [public_resources]
for resource in public_resources:
for log_group in logs_client.log_groups.values():
if log_group.arn in resource or resource == "*":
public_log_groups.append(log_group.arn)
if resource_policies is not None:
for resource_policy in resource_policies:
if is_policy_public(
resource_policy.policy, logs_client.audited_account
):
for statement in resource_policy.policy.get(
"Statement", []
):
public_resources = statement.get("Resource", [])
if isinstance(public_resources, str):
public_resources = [public_resources]
for resource in public_resources:
for log_group in logs_client.log_groups.values():
if log_group.arn in resource or resource == "*":
public_log_groups.append(log_group.arn)
for log_group in logs_client.log_groups.values():
report = Check_Report_AWS(metadata=self.metadata(), resource=log_group)
report.status = "PASS"
Expand Down

0 comments on commit ffdb4d3

Please # to comment.