tomzx/policy-evaluator

Policy Evaluator

Policy Evaluator is a simple system based on AWS Policies. Given a set of statements, Policy Evaluator can answer queries about whether that set of policies allows a given action to be performed on a given resource.

Getting started

php composer.phar require tomzx/policy-evaluator

Example

<?php
require 'vendor/autoload.php'; // Composer autoloader

use tomzx\PolicyEvaluator\Evaluator;
use tomzx\PolicyEvaluator\Resource;

Resource::$prefix = 'arn';

$evaluator = new Evaluator([
	'Statement' => [
		[
			'Action' => 'service:*',
			'Resource' => 'arn:aws:*',
			'Effect' => 'Allow',
		],
		[
			'Action' => 's3:*',
			'Resource' => 'arn:aws:s3:::my-bucket/*',
			'Effect' => 'Allow',
		],
	],
]);

// Ask whether the policy allows each action on each resource
$evaluator->canExecuteActionOnResource('service:test', 'arn:aws:test');
$evaluator->canExecuteActionOnResource('s3:GetObject', 'arn:aws:s3:::my-bucket/some-file');

Variables support

<?php
require 'vendor/autoload.php'; // Composer autoloader

use tomzx\PolicyEvaluator\Evaluator;
use tomzx\PolicyEvaluator\Resource;

Resource::$prefix = 'arn';

$evaluator = new Evaluator([
	'Statement' => [
		[
			'Action' => 'service:*',
			'Resource' => 'arn:aws:${aws:username}',
			'Effect' => 'Allow',
		],
	],
]);

// The third argument supplies values for the variables referenced in the policy
$evaluator->canExecuteActionOnResource('service:test', 'arn:aws:test', [
	'aws:username' => 'someUsername',
]);
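
To make the matching model concrete, here is a stand-alone sketch added to this page. It is not code from tomzx/policy-evaluator and does not describe its internals. It assumes `*` wildcards, `${name}` variables whose values are matched literally, a fail-closed result for unknown variables, and the AWS rule that an explicit Deny overrides any Allow; `patternToRegex` and `isAllowed` are hypothetical names.

```php
<?php
// Added illustration; patternToRegex() and isAllowed() are hypothetical
// names, not part of tomzx/policy-evaluator.

// Compile a policy pattern to an anchored regex. '*' matches any run of
// characters; literal text and substituted variable values are quoted.
function patternToRegex(string $pattern, array $vars): string
{
    $parts = preg_split('/(\*|\$\{[^}]+\})/', $pattern, -1, PREG_SPLIT_DELIM_CAPTURE);
    $regex = '';
    foreach ($parts as $part) {
        if ($part === '*') {
            $regex .= '.*';
        } elseif (preg_match('/^\$\{([^}]+)\}$/', $part, $m)) {
            if (!array_key_exists($m[1], $vars)) {
                return '/(?!)/'; // unknown variable: fail closed, never match
            }
            // Quote the value so a username such as '*' stays literal.
            $regex .= preg_quote((string) $vars[$m[1]], '/');
        } else {
            $regex .= preg_quote($part, '/');
        }
    }
    return '/\A' . $regex . '\z/s';
}

function isAllowed(array $policy, string $action, string $resource, array $vars = []): bool
{
    $allowed = false;
    foreach ($policy['Statement'] as $s) {
        if (preg_match(patternToRegex($s['Action'], $vars), $action) !== 1
            || preg_match(patternToRegex($s['Resource'], $vars), $resource) !== 1) {
            continue; // statement does not apply to this request
        }
        if ($s['Effect'] === 'Deny') {
            return false; // explicit Deny overrides every Allow
        }
        $allowed = $allowed || $s['Effect'] === 'Allow';
    }
    return $allowed; // no applicable Allow: implicit deny
}

// Constructed sample policy and requests.
$policy = ['Statement' => [
    ['Action' => 'service:*', 'Resource' => 'arn:aws:${aws:username}', 'Effect' => 'Allow'],
]];
var_dump(isAllowed($policy, 'service:test', 'arn:aws:alice', ['aws:username' => 'alice'])); // own resource
var_dump(isAllowed($policy, 'service:test', 'arn:aws:bob', ['aws:username' => 'alice']));   // someone else's
var_dump(isAllowed($policy, 'service:test', 'arn:aws:bob', ['aws:username' => '*']));       // '*' is literal
```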

License

The code is licensed under the MIT license. See LICENSE.
