Home
Matt Jones edited this page Oct 23, 2019 · 9 revisions
policy_sentry is an IAM Least Privilege Policy Generator, auditor, and analysis database.
Please note that the wiki documentation is a work in progress.
- IAM Policies. This covers (1) Elements of an IAM Policy and (2) Breakdown of the tables for Actions, Resources, and Condition keys per service
- Minimization. This covers our method for reducing the size of IAM policies generated with our tool, in an attempt to meet IAM policy character limits.
- User Guide
- Initialization: How to initialize policy_sentry. This creates the SQLite database stored in the `$HOME/.policy_sentry/` directory, which is required for using this tool.
- Write Policies with Resource ARNs and Access Levels
- Write Policies with a List of Actions
- Downloading Policies
- Analyzing IAM Policies
- Demo: Terraform and policy_sentry: This provides a walkthrough of the Terraform + policy_sentry demo code.
- Terraform Modules: How to generate policies with policy_sentry + Terraform using pre-built Terraform modules.
- Developer Guide. This covers, in general terms, how policy_sentry uses the Action Tables, ARN Tables, and Condition Keys tables to generate IAM policies.
- Limitations: Identifies some services that are currently missing