aws-pricing
aws-pricing copied to clipboard
aryounce
Reduce required permissions
Seems very useful, but the required permissions are a bit steep... does it really need all of these? Would be great to just ask for the minimal set.
Hi @patrickangeles
Yes, I believe the way Google auth scopes are setup those are the minimal requirements for this add-on to function. There weren't any scopes added that I did not think had to be included for this to work, but definitely looking for feedback if that is incorrect.
Are any of those in particular ones you are concerned about or have questions for why they are required?
Hi @mheffner
Thanks for the prompt response. I suppose it's the first item that gives me the most pause. I'd like to use it for work-related calculators and I'm not ready to grant blanket permission on all my spreadsheets for a third-party plugin.
@patrickangeles I see, yeah unfortunately for aws-pricing to work it needs to be able to read fields to identify pricing configuration details and then write those results back out. The auth scopes are pretty limited for spreadsheets, it is readonly or not. It will definitely not create or delete spreadsheets, but there does not appear to be a way to select that level of granularity.
I completely understand your level of concern though, I would be concerned as well. The plugin is open source in this repo, so if you want to do the work you could compile and upload a version yourself to run locally.
We have reduced the required permissions to the absolute minimum in the new version of the add-on that is launching soon.
