policy_sentry
0.6.5
Introduction
Overview
Motivation
Authoring Secure IAM Policies
Installation
Usage
Author Information
Comparison to other tools
Policy Revocation Tools
Repokid
AWS Tools
AWS Console - Visual Policy Editor
AWS Policy Generator (static website)
Log-based Policy Generators
CloudTracker
Trailscraper
Other Infrastructure as Code Tools
aws-iam-generator
Terraform
User Guide
Installation
Initialization
Options
Usage
Skipping Initialization
Writing IAM Policies
CRUD Mode: ARNs and Access Levels
Command options
Instructions
Actions Mode: Lists of IAM Actions
Command options
Instructions
Folder Mode: Write Multiple Policies from CRUD mode files
Downloading Policies
Customer-managed policies - one account
AWS Managed policies
Analyzing Policies
Motivation
Options
Instructions
Risk Categories
Audit all downloaded policies and generate a report
Audit a single IAM policy and generate a report
Custom Config file
Querying the Policy Database
Commands
Options
Usage as a Python Package
Docker
Command cheat sheet
Commands
Initialization
Policy Writing Commands
IAM Database Query Commands
Policy Download and Analysis Commands
Terraform
Terraform Demo
Command options
Prerequisites
Tutorial
Terraform Modules
1: Install policy_sentry
2: Generate the policy_sentry YAML File
3: Run policy_sentry and specify proper target directory
4: Create the IAM Policies using JSON files from directory
IAM Knowledge
IAM Policies
IAM Policy Elements
Actions, Resources, and Condition Keys Per Service
Action Table
ARN Table
Condition Keys Table
References
Minimization
Contributing
Contributing
Impostor Syndrome Disclaimer
Documentation
Building Documentation
Developing Locally
Pipenv
Invoke
Local Unit Testing and Integration Testing: Quick and Easy
Running the Test Suite
Updating the AWS HTML files
Version bumps
Internals
Overall: How policy_sentry uses these tables
Project Structure
Subfolders
Files and functions
Roadmap
Log-based policy generation
Appendix
Implementation Strategy
Index