consoleme icon indicating copy to clipboard operation
consoleme copied to clipboard

Published 20 hours ago verified publisher icon Netflix

Create a ConsoleMe policy that is readonly

Open yi2020 opened this issue 4 years ago • 3 comments

The current policy under spoke-accounts gives ConsoleMe both the read AND write access that it needs. However, if someone wants to deploy ConsoleMe in read-only, they'd want to use a different policy. Especially alarming is "iam:*"...

The documentation refers to this, but it may be a good idea to:

  1. Explain why each permission is needed (per ConsoleMe feature).
  2. Generate a version that is read-only, with an explanation of what features wouldn't be available.

yi2020 avatar Dec 10 '20 01:12 yi2020

i want to contribute on this project

MakboolShah avatar Dec 12 '20 05:12 MakboolShah

@MakboolShah Great! Feel free to join our Discord (link in the README) if you have questions.

patricksanders avatar Dec 17 '20 17:12 patricksanders

@patricksanders also just wrote an initial contributing guide here that might come in handy: https://hawkins.gitbook.io/consoleme/contributing

castrapel avatar Dec 17 '20 19:12 castrapel