A CLI tool to check which policy allowed actions for AWS IAM entities.
Use it inside an environment where the CLI can retrieve IAM credentials
that have IAMReadOnly or above permissions.
Usage: which-allowed --entity-type <ENTITY_TYPE> --entity-name <ENTITY_NAME> --action-name <ACTION_NAME>

Options:
      --entity-type <ENTITY_TYPE>  The type of IAM Entity [possible values: user, role]
      --entity-name <ENTITY_NAME>  The name of IAM Entity
      --action-name <ACTION_NAME>  The name of action IAM entity performed
  -h, --help                       Print help
You can also use interactive mode by just running which-allowed.
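The kind of answer the tool gives, sketched as an added example that is not code from which-allowed: given the policies attached to an entity, list the ones with an Allow statement whose Action pattern covers the requested action. The types, function names and policy data are constructed for illustration, and the sketch assumes only Action matching (case-insensitive, `*` and `?` wildcards), ignoring Resource, Condition and explicit Deny overrides.

```rust
// Added illustration, not code from which-allowed. All policy data is constructed.
struct Statement { effect: &'static str, actions: &'static [&'static str] }
struct Policy { name: &'static str, statements: &'static [Statement] }

/// IAM-style Action match: case-insensitive, `*` = any run of characters, `?` = exactly one.
fn action_matches(pattern: &str, action: &str) -> bool {
    let p: Vec<char> = pattern.to_ascii_lowercase().chars().collect();
    let a: Vec<char> = action.to_ascii_lowercase().chars().collect();
    let (mut pi, mut ai) = (0, 0);
    let mut star: Option<(usize, usize)> = None; // last `*` seen and the input position it covers
    while ai < a.len() {
        if pi < p.len() && p[pi] == '*' {
            star = Some((pi, ai));
            pi += 1;
        } else if pi < p.len() && (p[pi] == '?' || p[pi] == a[ai]) {
            pi += 1;
            ai += 1;
        } else if let Some((sp, sa)) = star {
            // Mismatch after a `*`: let that `*` absorb one more character and retry.
            star = Some((sp, sa + 1));
            pi = sp + 1;
            ai = sa + 1;
        } else {
            return false;
        }
    }
    p[pi..].iter().all(|&c| c == '*')
}

/// Names of policies holding at least one Allow statement that covers `action`.
fn allowing_policies(policies: &[Policy], action: &str) -> Vec<&'static str> {
    policies.iter()
        .filter(|p| p.statements.iter().any(|s| s.effect == "Allow"
            && s.actions.iter().any(|pat| action_matches(pat, action))))
        .map(|p| p.name)
        .collect()
}

// Constructed sample: policies attached to a hypothetical role.
const ATTACHED: &[Policy] = &[
    Policy { name: "ReadOnlyS3", statements: &[Statement { effect: "Allow", actions: &["s3:Get*", "s3:List*"] }] },
    // Deny statements are never reported as an allowing match.
    Policy { name: "DenyDelete", statements: &[Statement { effect: "Deny", actions: &["s3:Delete*"] }] },
    Policy { name: "AdminLike", statements: &[Statement { effect: "Allow", actions: &["*"] }] },
];

fn main() {
    for action in ["s3:GetObject", "s3:DeleteObject", "iam:PassRole"] {
        println!("{action}: {:?}", allowing_policies(ATTACHED, action));
    }
}
```

A broad match such as the constructed `AdminLike` policy showing up for every action is the usual sign of an over-permissive attachment worth tightening.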
You can download the pre-built binaries from the Releases page on GitHub.
Choose the appropriate binary for your operating system (Linux, macOS, Windows) and download it.
If you would like to build the project manually, you need to have Rust installed.
Follow the instructions below to build the project:
git clone https://github.com/runjivu/which-allowed.git
cd which-allowed
cargo build --release
./target/release/which-allowed --entity-type <ENTITY_TYPE> --entity-name <ENTITY_NAME> --action-name <ACTION_NAME>