Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/iamfastio/iamfast

Repository for iamfast questions and issues
https://github.com/iamfastio/iamfast

access-control ast authorization aws cloud go iam identity java javascript least-privilege policy python security

Last synced: 1 day ago
JSON representation

Repository for iamfast questions and issues

Host: GitHub
URL: https://github.com/iamfastio/iamfast
Owner: iamfastio
Created: 2021-01-30T03:58:16.000Z (almost 4 years ago)
Default Branch: readme
Last Pushed: 2025-01-11T22:36:37.000Z (12 days ago)
Last Synced: 2025-01-14T15:06:24.460Z (10 days ago)
Topics: access-control, ast, authorization, aws, cloud, go, iam, identity, java, javascript, least-privilege, policy, python, security
Homepage:
Size: 8.33 MB
Stars: 171
Watchers: 7
Forks: 11
Open Issues: 2
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

        # iamfast



## About

This is an issues-only repo for **iamfast**, a toolset which generates AWS IAM policies from application code.

## Installation

```

npm i -g iamfast

```

You can also install iamfast as a [Visual Studio Code extension](https://marketplace.visualstudio.com/items?itemName=iamfast.iamfast-vscode).

## Usage

Execute `iamfast` with the first argument being the file or directory to be scanned.

```

iamfast yourfile.js

```

iamfast supports the following programming languages:

* JavaScript (v2/v3 SDK)

* Python 3 (Boto3 SDK)

* Go (v1/v2 SDK)

* Java (v2 SDK)

The following programming languages are planned:

* PHP (v3 SDK)

* C/C++ (v1 SDK)

* Rust (v1 SDK)

* .NET/C# (v3/v4 SDK)

* Ruby (v1 SDK)

#### Optional Flags

**--format:** Sets the format of the output, currently supporting `json` (default), `yaml`, `hcl` and `sam`

**--inclusions:** Specify the mode for external code inclusions, currently supporting `file` (default), `project`, `organization`, `external` and `all`

**--context:** Specify the mode for contextual information, used for account ID, region etc., currently supporting `none` (default) and `local`

**--profile:** The profile to use for contextual information

## Example

```

> cat tests/js/test1.js

// Load the AWS SDK for Node.js

var AWS = require('aws-sdk');

// Set the region 

AWS.config.update({region: 'us-east-1'});

// Create the DynamoDB service object

var ddb = new AWS.DynamoDB({apiVersion: '2012-08-10'});

var params = {

  TableName: 'CUSTOMER_LIST',

  Item: {

    'CUSTOMER_ID' : {N: '001'},

    'CUSTOMER_NAME' : {S: 'Richard Roe'}

  }

};

// Call DynamoDB to add the item to the table

ddb.putItem(params, function(err, data) {

  if (err) {

    console.log("Error", err);

  } else {

    console.log("Success", data);

  }

});

```

```

> iamfast tests/js/test1.js

{

    "Version": "2012-10-17",

    "Statement": [

        {

            "Effect": "Allow",

            "Action": "dynamodb:PutItem",

            "Resource": [

                "arn:aws:dynamodb:us-east-1:123456789012:table/CUSTOMER_LIST"

            ]

        }

    ]

}

```