Chris Norman
Chris Norman
From the Common Fate Community Slack: > We’re getting this error when trying to use aws ssm start-session - I couldn’t see anything online but now I’m reading Brian’s comment...
We should document how Granted is different from, or similar to, other AWS login tools on docs.commonfate.io. [Last Week in AWS's article](https://www.lastweekinaws.com/blog/taking-aws-account-logins-for-granted/) mentions that Granted works well with `aws-sso-utils` to...
When assuming a role with Granted and then running [sops](https://github.com/mozilla/sops) the following error is returned: ``` Failed to get the data key required to decrypt the SOPS file. Group 0:...
Currently we only support running IAM Zero locally, using the `iamzero local` command. However IAM Zero will be a lot more valuable when it can be used in a team...
We should group actions together if they are a similar API call - for example, the below policy should only show a single action as the same S3 API has...
https://github.com/common-fate/iamzero-python-example/pull/6 adds some new examples, including a specific example which calls an AWS API we don't yet provide least-privilege advisories for. Currently when you run this example, this is what...
Currently we have an "apply" button in the IAM Zero console which directly creates an IAM policy in AWS. There isn't a lot of auditing, portability, or flexibility with this...
We should split the Least-Privilege Advisories library out from the rest of IAM Zero and release it separately so that other projects can benefit from the advisory library - potentially...
Currently we only support a single account environment. Ideally in larger setups IAM Zero can run in it's own account, potentially with roles allowing the advisor engine to audit particular...