iamer

Release 0.1.4

AWS IAM dump and load tool

Homepage PyPI Python

Keywords
aws, iam, boto
License
GPL-3.0
Install
pip install iamer==0.1.4

Documentation

IAMer

Build Status Downloads Latest Version

IAMer dump and load your AWS IAM configuration into text files.

Once dumped, you can version the resulting json and ini files to keep track of changes, and even ask your team mates to do Pull Requests when they want access to something.

IAMer is idempotent. You can run it as many times as you want, the resulting files will always be the same. This is useful to make sure your files are up to date with what you have in IAM.

To Be Implemented: Once the text files have been modified, you can load the changes into IAM with one command.

Quick Start

# Dump your current IAM database
$ iamer dump
Dumping users...
Dumping groups...
Dumping policies...

# Save it
$ git commit
$ git push

Install

pip install iamer

Configuration

IAMer uses boto so you will need the following to run:

export AWS_ACCESS_KEY_ID="1234567890"
export AWS_SECRET_ACCESS_KEY="bb7075bc63f93d21fb9b8f45c3fa5ad0"

See the boto documention for other ways to configure it.

Usage

There are 2 modes of operation, dump and load.

Dump your IAM configuration locally

$ iamer dump
Dumping users...
Dumping groups...
Dumping policies...

You will get 3 things:

  1. users.ini
  2. groups.ini
  3. policies/*.json

1. users.ini

A users.ini file with the list of users defined in IAM, and the groups and policies attached to each.

# This user has no group or policy
[bob]

# joe is part of the useless-group group
[joe]
groups = useless-group

# superadmin has multiple groups and policies attached to him
[superadmin]
groups = ec2-rw,
         ec2-r53-r
policies = dynamodb-dev-201301121713,
           dynamodb-live-201301121713

2. groups.ini

A groups.ini file with the list of groups defined in IAM, and the policies attached to each.

# A group with no policy
[useless-group]

# The ec2-rw group has the ec2-read-write policy attached to it
[ec2-rw]
policies = ec2-read-write

# This group has 2 policies attached
[ec2-r53-r]
policies = ec2-read-only,
           r53-read-only

3. policies/*.json

And in the policies/ folder, you will find all the policies referenced in the users.ini and groups.ini files as json files.

For example, the policies/ec2-read-write.json will contain:

{
  "Statement": [
    {
      "Action": "ec2:*",
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}

Update your IAM config based on your local files

TO BE IMPLEMENTED

See Also

Stats

Dependencies
0
Dependent packages
0
Dependent repositories
0
Total releases
5
Latest release
First release
Stars
40
Forks
7
Watchers
61
Contributors
1
Repository size
34.2 KB
SourceRank
9

Development practices

Source repo 2FA enabled
TEXT!
Package manager 2FA enabled
TEXT!
Is security responsive
TEXT!
Dependencies are managed
TEXT!
Issue-free release available
TEXT!
Succession plan available
TEXT!
Package manager 2FA enabled
TEXT!

The Tidelift Subscription provides access to a continuously curated stream of human-researched and maintainer-verified data on open source packages and their licenses, releases, vulnerabilities, and development practices.

Learn more

Releases

0.1.4
0.1.3
0.1.2
0.1.1
0.1.0

Contributors

Laurent Raufaste


See all contributors

Something wrong with this page? Make a suggestion

Export .ABOUT file for this package

Last synced: 2021-12-15 16:49:00 UTC

Login to resync this project