GithubHelp home page GithubHelp logo

jmahowald-slalom / iamlive Goto Github PK

View Code? Open in Web Editor NEW

This project forked from iann0036/iamlive

0.0 0.0 0.0 4.64 MB

Generate a basic IAM policy from AWS client-side monitoring (CSM)

License: MIT License

Go 100.00%

iamlive's Introduction

iamlive

Generate a basic IAM policy from AWS client-side monitoring (CSM)

Installation

Pre-built binaries

Pre-built binaries for Windows, macOS and Linux are available for download in the project releases.

Once downloaded, place the extracted binary in your $PATH (or execute in-place). For macOS users, you may need to allow the application to run via System Preferences.

Build with Go

To build and install this application, clone this repository and execute the following from it's base:

go install

You must have Go 1.16 or later installed for the build to work.

Usage

To start the listener, simply run iamlive in a separate window to your CLI / SDK application. You can use Ctrl+C to exit when you are done.

CLI Arguments

You can optionally also include the following arguments to the iamlive command:

--set-ini: when set, the .aws/config file will be updated to use the CSM monitoring and removed when exiting (default: false)

--profile: use the specified profile when combined with --set-ini (default: default)

--fails-only: when set, only failed AWS calls will be added to the policy (default: false)

--output-file: specify a file that will be written to on SIGHUP or exit (default: unset)

--refresh-rate: instead of flushing to console every API call, do it this number of seconds (default: 0)

Example

iamlive --set-ini --profile myprofile --fails-only --output-file policy.json --refresh-rate 1

CSM Enabling

CLI

To enable CSM in the AWS CLI, you should either use the --set-ini option or add the following to the relevant profile in .aws/config:

csm_enabled = true

Alternatively, you can run the following in the window executing your CLI commands:

export AWS_CSM_ENABLED=true

SDKs

To enable CSM in the various AWS SDKs, you can run the following in the window executing your application prior to it starting:

export AWS_CSM_ENABLED=true
export AWS_CSM_PORT=31000
export AWS_CSM_HOST=127.0.0.1

FAQs

I get a message "package embed is not in GOROOT" when attempting to build myself

This project requires Go 1.16 or above to be built correctly (due to embedding feature).

Can we include specifics for the Resource and Condition fields?

No, the CSM protocol does not support it and cannot be changed.

Acknowledgements

This project makes heavy use of Parliament and was assisted by Scott Piper's CSM explainer.

iamlive's People

Contributors

iann0036 avatar tisba avatar jmahowald-slalom avatar martinbaillie avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.