amplify-cli
amplify-cli copied to clipboard
aws-amplify
Audit Users
Is this feature request related to a new or existing Amplify category?
New category
Is this related to another service?
Deployment and publish
Describe the feature you'd like to request
I’d like an amplify audit function for helping to ensure environments are locked down…
Specifically it would be helpful to quickly determine which user and service accounts can modify and read an amplify environment…
essentially this would do a quick check of each user to see if they have permission to modify a project structure, read or update its data and report on when the account was last used.
Describe the solution you'd like
Amplify audit
- ( ) User1 - last login - 1/1/2020
- ( ) User2 - last login - 2/2/2022
Selecting the user would give a permissions list of the union of the users permissions and the projects permissions.
Describe alternatives you've considered
This could probably be done manually but would break peoples brains…
Additional context
No response
Is this something that you'd be interested in working on?
- [ ] 👋 I may be able to implement this feature request
Would this feature include a breaking change?
- [ ] ⚠️ This feature might incur a breaking change
This could work in conjunction with a —production flag to ensure that production environments are locked down (and exceptions are reported on, or prevented from happening altogether)
Related to - https://github.com/aws-amplify/amplify-category-api/issues/404
How can you audit user actions in Amplify?
Let's say I want to have a log entry when a logged-in Cognito user deletes a record in one of my tables?