https://github.com/stelligent/iam_complexity_metrics

Experimenting with the notion of complexity metrics for IAM policy documents
https://github.com/stelligent/iam_complexity_metrics

Last synced: about 1 year ago
JSON representation

Experimenting with the notion of complexity metrics for IAM policy documents

• Host: GitHub
• URL: https://github.com/stelligent/iam_complexity_metrics
• Owner: stelligent
• License: mit
• Created: 2020-03-11T20:23:19.000Z (about 6 years ago)
• Default Branch: master
• Last Pushed: 2022-06-07T21:35:38.000Z (almost 4 years ago)
• Last Synced: 2024-12-26T00:26:55.140Z (over 1 year ago)
• Language: Ruby
• Size: 16.6 KB
• Stars: 1
• Watchers: 3
• Forks: 1
• Open Issues: 3
• Metadata Files:
  • Readme: README.md
  • License: LICENSE.md

Awesome Lists containing this project

README

          
## Prerequisites

1. Install Ruby 2.5 or greater

2. Install bundler if need be

3. bundle install

## SPCM for CloudFormation Templates

To compute the Stelligent Policy Complexity Metric (SPCM) against a directory of CloudFormation templates:

```rake cfn_iam_metrics[/var/tmp/aws_sample_templates]```

where /var/tmp/aws_sample_templates is a directory containing templates ending in either .yml, .yaml, .json, or .template

The parser is very limited and best effort around ignoring pseudo-functions and dynamic values embedded inside policy 

documents.

## SPCM for Live IAM Policy Documents

To compute the Stelligent Policy Complexity Metric (SPCM) against all the AWS Managed Policy documents

in an account:

```rake live_iam_metrics[aws_profile]```

where aws_profile is the name of the aws_profile to use to access the live AWS account, e.g. labs, dev, prod, etc.