{"id":15853754,"url":"https://github.com/iamlizu/awspolicy","last_synced_at":"2026-02-06T16:34:21.862Z","repository":{"id":252492036,"uuid":"840160219","full_name":"IamLizu/awspolicy","owner":"IamLizu","description":"Command-line tool for generating custom AWS IAM policies with ease. Specify services, resources, and permissions through simple commands to create tailored security policies for your AWS projects.","archived":false,"fork":false,"pushed_at":"2024-08-12T04:55:05.000Z","size":99,"stargazers_count":0,"open_issues_count":3,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-18T03:02:46.212Z","etag":null,"topics":["aws","devops","iam-policy"],"latest_commit_sha":null,"homepage":"https://www.npmjs.com/package/awspolicy","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/IamLizu.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-08-09T05:16:37.000Z","updated_at":"2024-08-12T04:55:09.000Z","dependencies_parsed_at":"2024-08-10T07:53:55.945Z","dependency_job_id":"3f547977-4eca-410e-b062-3e3de2de277c","html_url":"https://github.com/IamLizu/awspolicy","commit_stats":null,"previous_names":["iamlizu/awspolicy"],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/IamLizu/awspolicy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IamLizu%2Fawspolicy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IamLizu%2Fawspolicy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IamLizu%2Fawspolicy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IamLizu%2Fawspolicy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/IamLizu","download_url":"https://codeload.github.com/IamLizu/awspolicy/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/IamLizu%2Fawspolicy/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":265846864,"owners_count":23838158,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","devops","iam-policy"],"created_at":"2024-10-05T19:22:48.074Z","updated_at":"2026-02-06T16:34:16.839Z","avatar_url":"https://github.com/IamLizu.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# awspolicy\n\n`awspolicy` is a command-line tool for generating custom [AWS IAM policies][iam-policy] with ease. Specify services, resources, and permissions through simple commands to create tailored security policies for your AWS projects.\n\n**Disclaimer**: Not affiliated with AWS and is not an official AWS product. It is a personal project created to simplify the process of generating IAM policies for AWS services with a command-line interface. For a more user-friendly policy generator, consider using the [Policy Generator][policy-gen] of AWS.\n\n## Installation\n\n```bash\n$ npm install awspolicy -g\n```\n\n## Features\n\n-   Generate IAM policies for AWS services with ease\n-   Specify services, resources, and permissions through simple commands\n-   Create tailored security policies for your AWS projects\n\n### Currently Supported Services\n\n#### IAM Policies\n\n-   S3\n-   ECR\n\n## Usage\n\n```console\nOptions:\n  -v, --version                 output the version number\n  -s, --service \u003ctype\u003e          AWS service (e.g., s3, ecr)\n  -b, --bucket \u003cname\u003e           S3 bucket name (required for S3)\n  -rp, --repositories \u003cname\u003e    Comma-separated list of ECR repository names (required for ECR)\n  -rg, --region \u003cregion\u003e        AWS region (e.g., ap-southeast-2)\n  -a, --account-id \u003caccountId\u003e  AWS account ID (e.g., 021704626424)\n  -p, --permission \u003clevels\u003e     Permissions for the selected service.\n                                For S3: binary format (e.g., 111).\n                                For ECR: comma-separated list of actions (e.g., ListImages,PutImage)\n  -t, --template \u003cname\u003e         Template for predefined permissions (e.g., generic for ECR)\n  -h, --help                    display help for command\n\n```\n\n### Examples\n\n#### S3\n\n```console\n$ awspolicy -s s3 -b my-bucket -p 111\n```\n\n#### ECR\n\nWe have a predefined template called `generic` which provides the following permissions,\n\n-   `BatchCheckLayerAvailability`\n-   `InitiateLayerUpload`\n-   `UploadLayerPart`\n-   `CompleteLayerUpload`\n-   `PutImage`\n-   `BatchGetImage`\n-   `GetDownloadUrlForLayer`\n\n`GetAuthorizationToken` is added separately to the policy to allow the user to authenticate, no need to specify it.\n\n```console\n$ awspolicy -s ecr -rg ap-southeast-2 -a 12345678 -rp my-repo -t generic\n```\n\nPermissions can be manually specified as well\n\n```console\n$ awspolicy -s ecr -rg ap-southeast-2 -a 12345678 -rp my-repo -p BatchCheckLayerAvailability,InitiateLayerUpload,UploadLayerPart,CompleteLayerUpload,PutImage,BatchGetImage,GetDownloadUrlForLayer\n```\n\n## Contributing\n\nFeel free to open an issue or submit a pull request. Adding other AWS services such as EC2, SES etc is highly encouraged.\n\n[iam-policy]: https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html\n[policy-gen]: https://awspolicygen.s3.amazonaws.com/policygen.html\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fiamlizu%2Fawspolicy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fiamlizu%2Fawspolicy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fiamlizu%2Fawspolicy/lists"}