policy_sentry
0.6.9

Introduction

  • Overview
    • Motivation
    • Authoring Secure IAM Policies
    • Installation
      • Shell completion
    • Usage
    • Author Information
  • Comparison to other tools
    • Policy Revocation Tools
      • Repokid
    • AWS Tools
      • AWS Console - Visual Policy Editor
      • AWS Policy Generator (static website)
    • Log-based Policy Generators
      • CloudTracker
      • Trailscraper
    • Other Infrastructure as Code Tools
      • aws-iam-generator
      • Terraform

User Guide

  • Installation
    • Shell completion
  • Initialization
    • Options
    • Usage
    • Skipping Initialization
  • Writing IAM Policies
    • CRUD Mode: ARNs and Access Levels
      • Command options
      • Instructions
    • Actions Mode: Lists of IAM Actions
      • Command options
      • Instructions
    • Folder Mode: Write Multiple Policies from CRUD mode files
  • Downloading Policies
    • Customer-managed policies - one account
    • AWS Managed policies
  • Analyzing Policies
    • Motivation
    • Options
    • Instructions
      • Risk Categories
      • Audit all downloaded policies and generate a report
      • Audit a single IAM policy and generate a report
      • Custom Config file
  • Querying the Policy Database
    • Commands
    • Options
  • Docker
  • Command cheat sheet
    • Commands
    • Initialization
    • Policy Writing Commands
    • IAM Database Query Commands
    • Policy Download and Analysis Commands

Terraform

  • Terraform Demo
    • Command options
    • Prerequisites
    • Tutorial
  • Terraform Modules
    • 1: Install policy_sentry
    • 2: Generate the policy_sentry YAML File
    • 3: Run policy_sentry and specify proper target directory
    • 4: Create the IAM Policies using JSON files from directory

Contributing

  • Contributing
    • Contributing to Documentation
      • Building Documentation
      • Docstrings
    • IAM Database
      • How Policy Sentry uses the IAM database
        • Updating the AWS HTML files
    • Testing
      • Pipenv
      • Invoke
      • Local Unit Testing and Integration Testing: Quick and Easy
      • Running the Test Suite
    • Project Structure
      • Subfolders
      • Files and functions
    • Versioning
      • Version bumps
    • Roadmap
      • Condition Keys
      • Log-based policy generation

Library Usage

  • Library Usage
    • Getting Started with the Library
    • Examples
      • Querying the IAM Database
        • All
        • Actions
        • ARNs
        • Conditions
      • Writing Policies
        • Actions Mode: Writing Policies by providing a list of Actions
        • CRUD Mode: Writing Policies by Access Levels and ARNs
      • Analyzing Policies
        • Analyzing by access level
        • Expanding actions from a policy file
    • Module Reference
      • Querying
        • querying.all
        • querying.actions
        • querying.arns
        • querying.conditions
      • Writing
        • command.write_policy
        • writing.policy
        • writing.roles
        • writing.template
        • writing.validate
        • writing.minimize
      • Analyzing
        • analysis.analyze
      • Utilities
        • util.policy_files
        • util.arns
        • util.file
        • util.actions

Appendix

  • Implementation Strategy

IAM Background

  • IAM Policies
    • IAM Policy Elements
    • Actions, Resources, and Condition Keys Per Service
      • Action Table
      • ARN Table
      • Condition Keys Table
      • References
  • Minimization
policy_sentry
  • Docs »
  • Python Module Index

Python Module Index

p
 
p
- policy_sentry
    policy_sentry.analysis.analyze
    policy_sentry.querying.actions
    policy_sentry.querying.all
    policy_sentry.querying.arns
    policy_sentry.querying.conditions
    policy_sentry.util.actions
    policy_sentry.util.arns
    policy_sentry.util.file
    policy_sentry.util.policy_files
    policy_sentry.writing.minimize
    policy_sentry.writing.policy
    policy_sentry.writing.roles
    policy_sentry.writing.template
    policy_sentry.writing.validate

© Copyright 2019, Kinnaird McQuade Revision 208629ba.

Built with Sphinx using a theme provided by Read the Docs.