policy_sentry
0.6.0

Introduction

  • Overview
    • Motivation
      • Authoring Secure IAM Policies
    • Installation
      • Usage
    • Author Information
  • Comparison to other tools
    • Policy Revocation Tools
      • Repokid
    • AWS Tools
      • AWS Console - Visual Policy Editor
      • AWS Policy Generator (static website)
    • Log-based Policy Generators
      • CloudTracker
      • Trailscraper
    • Other Infrastructure as Code Tools
      • aws-iam-generator
      • Terraform

User Guide

  • Installation
  • Initialization
    • Options
    • Usage
  • Writing IAM Policies
    • CRUD Mode: ARNs and Access Levels
      • Command options
      • Instructions
    • Actions Mode: Lists of IAM Actions
      • Command options
      • Instructions
    • Folder Mode: Write Multiple Policies from CRUD mode files
  • Downloading Policies
    • Customer-managed policies - one account
    • AWS Managed policies
  • Analyzing Policies
    • Motivation
    • Options
    • Instructions
      • Risk Categories
      • Audit all downloaded policies and generate a report
      • Audit a single IAM policy and generate a report
      • Custom Config file
  • Querying the Policy Database
    • Commands
    • Options
  • Command cheat sheet
    • Commands
    • Policy Writing Commands
    • Policy Download and Analysis Commands
    • IAM Database Query Commands

Terraform

  • Terraform Demo
    • Command options
    • Prerequisites
    • Tutorial
  • Terraform Modules
    • 1: Install policy_sentry
    • 2: Generate the policy_sentry YAML File
    • 3: Run policy_sentry and specify proper target directory
    • 4: Create the IAM Policies using JSON files from directory

IAM Knowledge

  • IAM Policies
    • IAM Policy Elements
    • Actions, Resources, and Condition Keys Per Service
      • Action Table
      • ARN Table
      • Condition Keys Table
      • References
  • Minimization

Contributing

  • Contributing
    • Impostor Syndrome Disclaimer
    • Documentation
      • Building Documentation
    • Developing Locally
      • Pipenv
      • Invoke
      • Running the Test Suite
    • Updating the AWS HTML files
  • Contribution Guidelines
  • Internals
    • Overall: How policy_sentry uses these tables
    • Project Structure
      • Subfolders
      • Files
  • Roadmap
    • Log-based policy generation

Appendix

  • Implementation Strategy
  • Policy Sentry as a Python Package
policy_sentry
  • Docs »
  • Search
  • Edit on GitHub

© Copyright 2019, Kinnaird McQuade Revision 331e2d68.

Built with Sphinx using a theme provided by Read the Docs.