SimulatePrincipalpolicy:: Python SDK does not work with regular expressions
amitdwivedi-broadcom opened this issue · comments
Simulate policy API which helps us to check the effective permission for role is not working if the policy associated with role has regex like arn:aws::s3:* for resource or any such regex. It still gives that the permission is denied for actions which has resources associated with.
Problem in Python AWS SDK
example::
{
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"iam:GetContextKeysForCustomPolicy",
"iam:GetContextKeysForPrincipalPolicy",
"iam:SimulateCustomPolicy",
"iam:SimulatePrincipalPolicy"
],
"Effect": "Allow",
"Resource": "arn:aws::s3:*"
}
]
}
Hi @amitdwivedi-broadcom
I think you're issue is related to the AWS SDK for Python, and it should be reported in the https://github.com/boto/boto3 GitHub repo.
I will close this one here. Feel free to reopen if I'm wrong.