salesforce · gruebel · Jan 31, 2026 · Jan 31, 2026
diff --git a/cloudsplaining/output/dist/index.html b/cloudsplaining/output/dist/index.html
diff --git a/cloudsplaining/output/dist/js/index.js b/cloudsplaining/output/dist/js/index.js
diff --git a/cloudsplaining/output/src/App.vue b/cloudsplaining/output/src/App.vue
@@ -33,23 +33,19 @@
         </b-navbar>
 
         <b-container class="mt-3 pb-3 report">
-            <b-tabs nav-class="d-none">
-                <router-view />
-                <!-- <b-tab key="task-table">-->
-                <!--                    <br>-->
-                <!--                    <h3>Tasks (demo WIP)</h3>-->
-                <!--                    <br>-->
-                <!--&lt;!&ndash;                    <h3>Customer-Managed Policies</h3>&ndash;&gt;-->
-                <!--&lt;!&ndash;                    <TaskTable managedBy="Customer" v-bind:items_mapping="getTaskTableMapping('Customer')"/>&ndash;&gt;-->
-                <!--&lt;!&ndash;                    <br>&ndash;&gt;-->
-                <!--                    &lt;!&ndash;TODO: Figure out the overlap issue where the two tables results in a double info field in Customer policies&ndash;&gt;-->
-                <!--                    <h3>AWS-Managed Policies</h3>-->
-                <!--                    <TaskTable managedBy="AWS" v-bind:items_mapping="getTaskTableMapping('AWS')"/>-->
-                <!--                    &lt;!&ndash;TODO: Task table for Inline Policies&ndash;&gt;-->
-                <!--&lt;!&ndash;                    <h3>Inline Policies</h3>&ndash;&gt;-->
-                <!--&lt;!&ndash;                    <TaskTable v-bind:policyNameMapping="getInlinePolicyNameMapping()"/>&ndash;&gt;-->
-                <!--                </b-tab> -->
-            </b-tabs>
+            <router-view />
+            <!-- <br> -->
+            <!-- <h3>Tasks (demo WIP)</h3> -->
+            <!-- <br> -->
+            <!-- <h3>Customer-Managed Policies</h3> -->
+            <!-- <TaskTable managedBy="Customer" v-bind:items_mapping="getTaskTableMapping('Customer')"/> -->
+            <!-- <br> -->
+            <!-- TODO: Figure out the overlap issue where the two tables results in a double info field in Customer policies -->
+            <!-- <h3>AWS-Managed Policies</h3> -->
+            <!-- <TaskTable managedBy="AWS" v-bind:items_mapping="getTaskTableMapping('AWS')"/> -->
+            <!-- TODO: Task table for Inline Policies -->
+            <!-- <h3>Inline Policies</h3> -->
+            <!-- <TaskTable v-bind:policyNameMapping="getInlinePolicyNameMapping()"/> -->
         </b-container>
         <b-container>
             <b-row class="mt-5">

diff --git a/cloudsplaining/output/src/test/groups-test.js b/cloudsplaining/output/src/test/groups-test.js
@@ -2,16 +2,17 @@ const groups = require('../util/groups')
 const sampleData = require('../sampleData')
 
 let mocha = require('mocha');
-let chai = require('chai');
+let assert;
+before(async () => { ({ assert } = await import('chai')); });
 let it = mocha.it;
 let iam_data = sampleData.sample_iam_data;
 
 
 it("groups.getGroupNames: should return list of group names", function () {
     const result = groups.getGroupNames(iam_data);
     const expectedResult = Object.keys(iam_data.groups);
-    chai.assert(result != null);
-    chai.assert.deepEqual(result, expectedResult);
+    assert(result != null);
+    assert.deepEqual(result, expectedResult);
     console.log(`Should be ["admin", "biden"]: ${JSON.stringify(result)}`);
 });
 
@@ -27,8 +28,8 @@ it("groups.getGroupMembers: should return list of users that are a member of thi
             "user_name": "userwithlotsofpermissions"
         }
     ];
-    chai.assert(result != null);
-    chai.assert.deepEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepEqual(result, expectedResult)
     console.log(`Should be ["obama", "userwithlotsofpermissions"] : ${JSON.stringify(result)}`);
 });
 
@@ -44,8 +45,8 @@ it("groups.getGroupMembers: should return list of users that are a member of thi
             user_name: "userwithlotsofpermissions"
         }
     ];
-    chai.assert(result != null);
-    chai.assert.deepEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepEqual(result, expectedResult)
     console.log(`Should be array of objects for the user names "obama", "userwithlotsofpermissions"] : ${JSON.stringify(result)}`);
 });
 
@@ -55,8 +56,8 @@ it("groups.getGroupMemberships: should return list users that are a member of gi
         "group_id": "admin",
         "group_name": "admin"
     };
-    chai.assert(result != null);
-    chai.assert.lengthOf(result, 1)
-    chai.assert.deepInclude(result, expectedResult)
+    assert(result != null);
+    assert.lengthOf(result, 1)
+    assert.deepInclude(result, expectedResult)
     console.log(`Should be array of objects for the user "userwithlotsofpermissions"] : ${JSON.stringify(result)}`);
 });
diff --git a/cloudsplaining/output/src/test/inline-policies-test.js b/cloudsplaining/output/src/test/inline-policies-test.js
@@ -1,7 +1,8 @@
 var inlinePolicies = require('../util/inline-policies')
 var sampleData = require('../sampleData');
 let mocha = require('mocha');
-let chai = require('chai');
+let assert;
+before(async () => { ({ assert } = await import('chai')); });
 let it = mocha.it;
 let iam_data = sampleData.sample_iam_data;
 
@@ -21,8 +22,8 @@ it("inlinePolicies.getInlinePolicyDocument: should return Inline policy document
           }
         ]
       };
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult);
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult);
     console.log(`inline policy document: ${JSON.stringify(result)}`);
 });
 
@@ -31,8 +32,8 @@ it("inlinePolicies.getServicesAffectedByInlinePolicy: should identify list of se
     var expectedResult = [
         "s3",
     ]
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult, "lists of services used do not match")
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult, "lists of services used do not match")
     console.log(`Services affected: ${JSON.stringify(result)}`);
 });
 
@@ -47,8 +48,8 @@ it("inlinePolicies.getInlinePolicyFindings: should return Inline policy findings
                     ]
                 }
             ]
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult)
     console.log(`PrivilegeEscalation findings: ${JSON.stringify(result)}`);
 });
 
@@ -59,8 +60,8 @@ it("inlinePolicies.getInlinePolicyFindings: should return Inline policy findings
         "iam:PassRole",
         "iam:CreateInstanceProfile",
     ]
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult)
     console.log(`ResourceExposure findings: ${JSON.stringify(result)}`);
 });
 
@@ -75,56 +76,56 @@ it("inlinePolicies.getInlinePolicyIds: should print out all inline Policy IDs",
       "354d81e1788639707f707738fb4c630cb7c5d23614cc467ff9a469a670049e3f"
 
     ]
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult)
     console.log(`Inline Policy IDs: ${JSON.stringify(result)}`);
 });
 
 it("inlinePolicies.getPrincipalTypeLeveragingInlinePolicy: should get a list of groups that leverage this inline policy", function () {
     var result = inlinePolicies.getPrincipalTypeLeveragingInlinePolicy(iam_data, "ffd2b5250e18691dbd9f0fb8b36640ec574867835837f17d39f859c3193fb3f2", "Group")
     var expectedResult = ["admin"]
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult)
     console.log(`Groups leveraging the InlinePolicyForAdminGroup inline policy: ${JSON.stringify(result)}`);
 });
 
 it("inlinePolicies.getPrincipalTypeLeveragingInlinePolicy: should get a list of USERS that leverage this inline policy", function () {
     var result = inlinePolicies.getPrincipalTypeLeveragingInlinePolicy(iam_data, "354d81e1788639707f707738fb4c630cb7c5d23614cc467ff9a469a670049e3f", "User")
     var expectedResult = ["userwithlotsofpermissions"]
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult)
     console.log(`User names leveraging the InsecureUserPolicy inline policy: ${JSON.stringify(result)}`);
 });
 
 it("inlinePolicies.getRolesLeveragingInlinePolicy: should return list of ROLES leveraging Inline policy", function () {
     var result = inlinePolicies.getRolesLeveragingInlinePolicy(iam_data, "0568550cb147d2434f6c04641e921f18fe1b7b1fd0b5af5acf514d33d204faca");
     var expectedResult = ["MyRole", "MyOtherRole"]
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult)
     console.log(`List of roles leveraging the inline policy: ${JSON.stringify(result)}`);
 });
 
 it("inlinePolicies.inlinePolicyAssumableByComputeService: should tell us if an INLINE policy is leveraged by a role that can be run by a compute service", function() {
     var result = inlinePolicies.inlinePolicyAssumableByComputeService(iam_data, "0568550cb147d2434f6c04641e921f18fe1b7b1fd0b5af5acf514d33d204faca")
     var expectedResult = ["lambda", "ec2"]
-    chai.assert(result != null);
+    assert(result != null);
     console.log(`The role called MyOtherRole allows the use of the EC2 service: ${JSON.stringify(result)}`);
-    chai.assert.deepStrictEqual(result, expectedResult, "lists do not match")
+    assert.deepStrictEqual(result, expectedResult, "lists do not match")
 });
 
 it("inlinePolicies.getInlinePolicyIds: should give us the object to feed into the table", function() {
     let inlinePolicyIds = inlinePolicies.getInlinePolicyIds(iam_data)
     var result = inlinePolicies.getInlinePolicyItems(iam_data, inlinePolicyIds)
-    chai.assert(result != null);
+    assert(result != null);
     console.log(`Result: ${JSON.stringify(result.length)}`);
     console.log(`Result: ${JSON.stringify(result)}`);
-    chai.assert(result.length === 5, "The results dictionary is not as large as expected")
+    assert(result.length === 5, "The results dictionary is not as large as expected")
 });
 
 it("getInlinePolicyIds.getInlinePolicyNameMapping: should give us the object to feed into the table for customers", function() {
     var result = inlinePolicies.getInlinePolicyNameMapping(iam_data)
-    chai.assert(result != null);
+    assert(result != null);
     console.log(`Result: ${JSON.stringify(result.length)}`);
     console.log(`Result: ${JSON.stringify(result)}`);
-    chai.assert(result.length > 1, "The results dictionary is not as large as expected")
+    assert(result.length > 1, "The results dictionary is not as large as expected")
 });
diff --git a/cloudsplaining/output/src/test/managed-policies-test.js b/cloudsplaining/output/src/test/managed-policies-test.js
@@ -1,31 +1,32 @@
 const managedPolicies = require('../util/managed-policies');
 var sampleData = require('../sampleData');
 let mocha = require('mocha');
-let chai = require('chai');
+let assert;
+before(async () => { ({ assert } = await import('chai')); });
 let it = mocha.it;
 let iam_data = sampleData.sample_iam_data;
 
 it("managedPolicies.getManagedPolicyDocument: should return Managed policy document object", function() {
     var result = managedPolicies.getManagedPolicyDocument(iam_data, "Customer", "NotYourPolicy");
     var expectedResult = {"Version":"2012-10-17","Statement":[{"Sid":"VisualEditor0","Effect":"Allow","Action":["s3:PutObject","s3:PutObjectAcl"],"Resource":["arn:aws:s3:::mybucket/*","arn:aws:s3:::mybucket"]}]};
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult);
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult);
     console.log(`Managed Policy Document: ${JSON.stringify(result)}`);
 });
 
 it("managedPolicies.getRolesLeveragingManagedPolicy: should return list of roles leveraging Managed policy", function() {
     var result = managedPolicies.getRolesLeveragingManagedPolicy(iam_data, "AWS", "ANPAI6E2CYYMI4XI7AA5K");
     var expectedResult = ["MyRole","MyOtherRole"]
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult)
     console.log(`Roles leveraging the managed policy ANPAI6E2CYYMI4XI7AA5K: ${JSON.stringify(result)}`);
 });
 
 it("managedPolicies.getManagedPolicyFindings: should return Managed policy findings for PrivilegeEscalation", function () {
     var result = managedPolicies.getManagedPolicyFindings(iam_data, "Customer", "InsecurePolicy", "PrivilegeEscalation");
     var expectedResult = []
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult)
     console.log(`PrivilegeEscalation findings: ${JSON.stringify(result)}`);
 });
 
@@ -34,8 +35,8 @@ it("managedPolicies.getManagedPolicyFindings: should return Managed policy findi
     var expectedResult = [
         "s3:PutObjectAcl"
     ]
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult)
     console.log(`ResourceExposure findings: ${JSON.stringify(result)}`);
 });
 
@@ -67,24 +68,24 @@ it("managedPolicies.getManagedPolicyIds: should print out all managed Policy IDs
       "ANPAJYRXTHIB4FOVS3ZXS"
     ]
     // console.log(result.length)
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult)
     console.log(`Managed Policy IDs: ${JSON.stringify(result)}`);
 });
 
 // it("managedPolicies.managedPolicyManagedBy: should identify AWS managed vs customer managed policies", function() {
 //     var result = managedPolicies.managedPolicyManagedBy(iam_data, "ANPAI4UIINUVGB5SEC57G")
 //     var expectedResult = "AWS"
-//     chai.assert(result != null);
-//     chai.assert.strictEqual(result, expectedResult)
+//     assert(result != null);
+//     assert.strictEqual(result, expectedResult)
 //     console.log(`Managed by: ${JSON.stringify(result)}`);
 // });
 //
 // it("managedPolicies.managedPolicyManagedBy: should identify customer managed policies", function() {
 //     var result = managedPolicies.managedPolicyManagedBy(iam_data, "NotYourPolicy")
 //     var expectedResult = "Customer"
-//     chai.assert(result != null);
-//     chai.assert.strictEqual(result, expectedResult)
+//     assert(result != null);
+//     assert.strictEqual(result, expectedResult)
 //     console.log(`Managed by: ${JSON.stringify(result)}`);
 // });
 
@@ -104,59 +105,59 @@ it("managedPolicies.getServicesAffectedByManagedPolicy: should identify list of
       "sns",
       "sqs"
     ]
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult, "lists of services used do not match")
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult, "lists of services used do not match")
     console.log(`Services affected: ${JSON.stringify(result)}`);
 });
 
 it("managedPolicies.getUsersLeveragingManagedPolicy: should identify Users who have the managed policy attached", function() {
     var result = managedPolicies.getUsersLeveragingManagedPolicy(iam_data, "AWS", "ANPAI4VCZ3XPIZLQ5NZV2")
     var expectedResult = ["obama"]
-    chai.assert(result != null);
-    chai.assert.deepStrictEqual(result, expectedResult)
+    assert(result != null);
+    assert.deepStrictEqual(result, expectedResult)
     console.log(`Users leveraging the managed policy AWSCodeCommitFullAccess should equal obama: ${JSON.stringify(result)}`);
 });
 
 it("managedPolicies.getGroupsLeveragingManagedPolicy: should identify Groups who have the managed policy attached", function() {
     var result = managedPolicies.getGroupsLeveragingManagedPolicy(iam_data, "AWS", "ANPAI6E2CYYMI4XI7AA5K")
     var expectedResult = ["admin"]
-    chai.assert(result != null);
+    assert(result != null);
     console.log(`Groups leveraging the managed policy AWSLambdaFullAccess should equal admin: ${JSON.stringify(result)}`);
-    chai.assert.deepStrictEqual(result, expectedResult, "lists do not match")
+    assert.deepStrictEqual(result, expectedResult, "lists do not match")
 });
 
 it("managedPolicies.managedPolicyAssumableByComputeService: should tell us if a policy is leveraged by a role that can be run by a compute service", function() {
     var result = managedPolicies.managedPolicyAssumableByComputeService(iam_data, "AWS", "ANPAI6E2CYYMI4XI7AA5K")
     var expectedResult = ["lambda", "ec2"]
-    chai.assert(result != null);
+    assert(result != null);
     console.log(`The role called MyOtherRole allows the use of the Lambda and EC2 service: ${JSON.stringify(result)}`);
-    chai.assert.deepStrictEqual(result, expectedResult, "lists do not match")
+    assert.deepStrictEqual(result, expectedResult, "lists do not match")
 });
 
 it("managedPolicies.getManagedPolicyItems: should give us the object to feed into the table", function() {
     let managedPolicyIds = managedPolicies.getManagedPolicyIds(iam_data, "AWS")
     var result = managedPolicies.getManagedPolicyItems(iam_data, "AWS", managedPolicyIds)
-    chai.assert(result != null);
+    assert(result != null);
     console.log(`Result: ${JSON.stringify(result.length)}`);
     let resultPolicyNameArray = result.map(function (el) { return el.policy_name; });
     console.log(`Policy names in result: ${JSON.stringify(resultPolicyNameArray)}`)
-    chai.assert(result.length > 3, "The results dictionary is not as large as expected")
+    assert(result.length > 3, "The results dictionary is not as large as expected")
 });
 
 it("managedPolicies.getManagedPolicyItems: should give us the object to feed into the table for customers", function() {
     let managedPolicyIds = managedPolicies.getManagedPolicyIds(iam_data, "Customer")
     let result = managedPolicies.getManagedPolicyItems(iam_data, "Customer", managedPolicyIds)
-    chai.assert(result != null);
+    assert(result != null);
     console.log(`Result: ${JSON.stringify(result.length)}`);
     let resultPolicyNameArray = result.map(function (el) { return el.policy_name; });
     console.log(`Policy names in result: ${JSON.stringify(resultPolicyNameArray)}`)
-    chai.assert(result.length > 1, "The results dictionary is not as large as expected")
+    assert(result.length > 1, "The results dictionary is not as large as expected")
 });
 
 it("managedPolicies.getManagedPolicyNameMapping: should give us the object to feed into the table for customers", function() {
     var result = managedPolicies.getManagedPolicyNameMapping(iam_data, "AWS")
-    chai.assert(result != null);
+    assert(result != null);
     console.log(`Result: ${JSON.stringify(result.length)}`);
     console.log(`Result: ${JSON.stringify(result)}`);
-    chai.assert(result.length > 1, "The results dictionary is not as large as expected")
+    assert(result.length > 1, "The results dictionary is not as large as expected")
 });