policy_sentry
0.8.0

Introduction

  • Overview
    • Motivation
    • Authoring Secure IAM Policies
    • Installation
      • Shell completion
    • Usage

User Guide

  • Installation
    • Shell completion
    • Docker
      • Building the Docker Image
      • Using the Docker Image
    • Rebuilding the IAM Database
      • Initialize
        • Options
        • Usage
        • Skipping Initialization
  • Writing IAM Policies
    • CRUD Mode
      • Command options
      • Instructions
      • Wildcard-only section
        • Example
        • Basic support for Wildcard-only Actions
        • CRUD-based support for Wildcard-only Actions
        • Combining approaches
    • Actions Mode
      • Command options
      • Instructions
    • CRUD Mode Examples
      • Example 1: Basic CRUD
      • Example 2: Skipping Resource Constraints
      • Example 3: Wildcard-only - Single Actions
      • Example 4: Wildcard only - Bulk Selection Service-Wide
  • Querying the IAM Database
    • Action table
      • Options
    • ARN Table
      • Options
    • Condition Table
      • Options
  • Terraform
    • Prerequisites
    • Note
    • Example
  • Cheat sheet
    • Commands
    • Policy Writing Commands
    • IAM Database Query Commands
    • Initialization (Optional)

Contributing

  • Contributing
    • Contributing to Documentation
      • Building Documentation
      • Docstrings
    • IAM Database
      • How Policy Sentry uses the IAM database
        • Updating the AWS HTML files
    • Testing
      • Pipenv
      • Invoke
      • Local Unit Testing and Integration Testing: Quick and Easy
      • Running the Test Suite
    • Project Structure
      • Subfolders
      • Files and functions
    • Versioning
      • Version bumps
    • Roadmap
      • Condition Keys
      • Log-based policy generation

Library Usage

  • Library Usage
    • Getting Started with the Library
    • Examples
      • Querying the IAM Database
        • All
        • Actions
        • ARNs
        • Conditions
      • Writing Policies
        • Actions Mode: Writing Policies by providing a list of Actions
        • CRUD Mode: Writing Policies by Access Levels and ARNs
      • Analyzing Policies
        • Analyzing by access level
        • Expanding actions from a policy file
    • Module Reference
      • Querying
        • querying.all
        • querying.actions
        • querying.arns
        • querying.conditions
      • Writing
        • command.write_policy
        • writing.sid_group
        • writing.template
        • writing.validate
        • writing.minimize
      • Analyzing
        • analysis.analyze
      • Utilities
        • util.policy_files
        • util.arns
        • util.file
        • util.actions

Appendix

  • Appendices
    • Implementation Strategy
    • Comparison to related tools
      • Policy Revocation Tools
        • Repokid
      • AWS Tools
        • AWS Console - Visual Policy Editor
        • AWS Policy Generator (static website)
      • Log-based Policy Generators
        • CloudTracker
        • Trailscraper
      • Other Infrastructure as Code Tools
        • aws-iam-generator
        • Terraform
    • IAM Policies
      • IAM Policy Elements
      • Actions, Resources, and Condition Keys Per Service
        • Action Table
        • ARN Table
        • Condition Keys Table
        • References
    • Minimization

© Copyright 2019, Kinnaird McQuade Revision 48e9062f.
