Git Product home page Git Product logo

Comments (4)

kmcquade avatar kmcquade commented on May 26, 2024

@mrudrara - The "services" and "actions" in the triage worksheet could be better termed as "services affected" and "actions affected". So, a given IAM policy could have permissions across three services, but let's say that the policy leverages resource constraints for all actions except for s3:GetObject. In this case, the policy would have 1 under services, and 1 under actions.

Does that make sense?

And by all means, feel free to ask basic questions if needed. This is a new tool and chances are that if you're asking the question, others may be asking themselves the same thing. Glad you are enjoying it; happy to help.

from cloudsplaining.

mrudrara avatar mrudrara commented on May 26, 2024

Thank you, in my environment. I have multiple entries of the same Policy

Allow-Invoke-Lambdas,role,Customer,3,16,
Allow-Invoke-Lambdas,role,Customer,5,98,
Allow-Invoke-Lambdas,role,Customer,3,4,
Allow-Invoke-Lambdas,role,Customer,3,4,
Allow-Invoke-Lambdas,role,Customer,3,16,
Allow-Invoke-Lambdas,role,Customer,5,98,
Allow-Invoke-Lambdas,role,Customer,3,4,
Allow-Invoke-Lambdas,role,Customer,3,4,

Essentially these are inline policies (having the same name) attached to various roles but with different Services and Actions.
wondering why it is categorized as a role?

from cloudsplaining.

kmcquade avatar kmcquade commented on May 26, 2024

I faced the same issue the other day, so I hear you. We used "role" to describe "Inline Role Policy" because listing "Inline Role Policy", "Inline Group Policy", "Inline User Policy" for every inline policy seemed a bit repetitive - but looking back, it seems like it would have been necessary to keep things clear.

I'm looking into some refactoring strategies for the Inline policies issue. Let me get back to you with some more details about what we're planning or considering in the refactored state - should have those details in the next week.

from cloudsplaining.

mrudrara avatar mrudrara commented on May 26, 2024

Perfect! Thank you.
It would be beneficial, especially inline policies though "named" are not searchable from the console.

wondering if I can propose an extra column to the role/group/user the inline policy is attached

from cloudsplaining.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.