aws-iam-generator
aws-iam-generator copied to clipboard
awslabs
Generate Multi-Account IAM users/groups/roles/policies from a simple YAML configuration file and Jinja2 templates.
*Description of changes:* Fix typo in README By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.
Added the ability to also use IAM Permissions Boundaries in Roles. With boundaries becoming a more common feature for limiting permissions in IAM, found this feature quite useful. - Added...
*Description of changes:* * Allow condition elements on Role Policy Elements, allows f. ex. MFA Condition on role assumptions. * Template support for output filenames. * Allow setting max session...
I would like to be able to dynamically generate Roles based on the accounts. For example, if I have: ``` accounts: central: id: 123456678910 parent: true saml_provider: ProdADFS dev1: id:...
It would be great if this script support the ability to output the template using fn::join to pull in dynamic value when the CloudFormation stack run. This would enable the...
Does this script handle "DependsOn" statement? I am trying to create a template for kmsSecurity policy but keeps on getting the "Template validation error: Template format error: Unresolved resource dependencies...
As a user, I should be able to write my IAM policy statements in either JSON or YAML and the tool should automatically handle either format. Ideally this would be...
This toolset works great to create roles for a hub-and-spoke method with a central identity account! It would be nice to also have support for roles where each account has...
What is the recommended way to overcome the 200 resources limit in CloudFormation? Since the generator creates one template per account, I know I'm eventually going to hit the limit...
