While I found the recently announced list of checks that IAM Access Analyzer performs on your policies buried deep in the documentation, it wasn't as easy to navigate as I would've liked. Here's the full list of the check names,
Tips and links for working with VTL templates and AWS services like AppSync and API Gateway
AWS accounts with leading zeros can play havoc with your YAML, so use ARNs instead.
A common point of confusion when getting started with AWS IAM, and when trying to implement "least privileges" on IAM is the message "is not authorized to perform: iam:PassRole on resource". Usually this refers to "User" or "CloudFormation" as
"AWS Amplify" is easy to say, but what does it mean? Is it Amplify.js? The AWS Amplify Console? The Amplify Framework? Wonder no more, and read on to uncover the truth of Amplify!
So I've had the idea of this post for a while. Like "3 years ago" a while: CFN Layer Cake FTW!I first came across the idea of the CloudFormation Layer Cake from this AWS Advent blog post from 2012,
AWS documentation letting you down? Never fear, GitHub can help with that! Find CloudFormation examples quickly and easily.
TL;DR I made Effective IAM Actions, a small tool to expand wildcards "*"in IAM Policy Actions so that you can see explicitly what permissions are granted by a policy. It supports multiple statements in each policy, Allow and Deny
Subscribe to Rowan Udell
Subscribe today and get access to a private newsletter and new content every week!