Skip to content
/ cfn-policy-generator Public

Simple app to generate the least-privileged IAM policy to execute an AWS CloudFormation template.

2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

drautb/cfn-policy-generator

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

23 Commits
data
data
 
 
.gitignore
.gitignore
 
 
Procfile
Procfile
 
 
README.md
README.md
 
 
policy-generator.rkt
policy-generator.rkt
 
 
request-handler.rkt
request-handler.rkt
 
 
server.rkt
server.rkt
 
 

Repository files navigation

CloudFormation Policy Generator

Attempts to generate the least-privileged IAM policy required to deploy an AWS CloudFormation template.

It doesn't do any magic, nor does it make any AWS calls. It simply consults a catalog of the needed permissions for each CloudFormation resource type. The needed permissions can vary depending on which fields are populated on the resource.

A very small number of resources are supported right now. I'll be adding more over time, but pull requests are also welcome.

Example

For JSON templates:

curl -H "Content-Type: application/json" --data @template.json https://cfn-policy-generator.herokuapp.com/cloudformation/2010-09-09/template

For YAML templates:

curl -H "Content-Type: application/x-yaml" --data @template.yml https://cfn-policy-generator.herokuapp.com/cloudformation/2010-09-09/template

Local Testing

Run racket server.rkt.

About

Simple app to generate the least-privileged IAM policy to execute an AWS CloudFormation template.

Resources

Readme
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages