aws / aws-toolkit-vscode

Amazon Q, CodeCatalyst, Local Lambda debug, SAM/CFN syntax, ECS Terminal, AWS resources
https://marketplace.visualstudio.com/items?itemName=AmazonWebServices.amazon-q-vscode
Apache License 2.0
1.41k stars, 346 forks

feat(policyCheck): CheckAccessNotGranted, CheckNoPublicAccess #5208

Closed alankuo-aws closed 1 week ago

alankuo-aws commented 1 week ago

Problem

IAM Access Analyzer recently released an update to custom policy checks adding support for public access and critical resources: https://aws.amazon.com/about-aws/whats-new/2024/06/aws-iam-access-analyzer-policy-checks/

Solution

This PR updates the policyCheck toolkits integration to support the updated checks.

References

PR for adding telemetry for IamPolicyChecks: https://github.com/aws/aws-toolkit-common/pull/735
PR for updating telemetry for updated checks: https://github.com/aws/aws-toolkit-common/pull/756
PR for release of the IamPolicyChecks feature in toolkits: https://github.com/aws/aws-toolkit-vscode/pull/5028

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

alankuo-aws commented 1 week ago

Will request review of this PR from kevluu@ first and will comment on this PR when approved and ready for review by Toolkits team.

alankuo-aws commented 1 week ago

UI examples:

[Screenshot 2024-06-24 at 11 16 58 AM] [Screenshot 2024-06-24 at 11 17 20 AM]

justinmk3 commented 1 week ago

Please always check the content of your PR. The package.json file should not be committed.

alankuo-aws commented 1 week ago

Thanks Justin - sorry about that, I removed the toolkits/package.json that was committed by mistake. core/package.json is still included since we need the latest version of the telemetry package.