iamfast

Generate least privileged AWS IAM policies by analysing application code.

Screenshot

Usage

To generate policies using iamfast, first navigate to a file within your codebase. iamfast currently supports the following languages:

JavaScript (v2/v3 SDK)
Python 3 (Boto3 SDK)
Go (v1/v2 SDK)
Java (v2 SDK)

The following programming languages are planned:

PHP (v3 SDK)
C/C++ (v1 SDK)
Rust (v1 SDK)
.NET/C# (v3/v4 SDK)
Ruby (v1 SDK)

Once you have navigated to a file, you can click on the generate policy button in the status bar.

When prompted, select the scope of the policy you would like to generate. The policy can be generated for the current file, or all files in the current workspace. You can then select the output language of the policy, which can be JSON, YAML, SAM or HCL. These options can be defaulted in the extension settings. The policy will then be generated and displayed in a new editor tab.

Settings

Here is the list of all settings you can set within this extension:

Setting	Description	Options
`iamfast.defaultLanguage`	Specifies the default output language of the IAM policy	`prompt`, `json`, `yaml`, `sam`, `hcl`
`iamfast.defaultInclusions`	Specifies the default mode for external code inclusions	`prompt`, `file`, `project`, `organization`, `external`, `all`
`iamfast.explainMode`	Highlight the code which contributes to the construction of a policy statement resource
`iamfast.context`	Specifies the mode for contextual information, used for account ID, region etc.	`none`, `local`
`iamfast.profile`	The AWS credentials profile to use when context is not set to 'none'

iamfast

iamfast.io

iamfast

Usage

Settings