As a security ops,
I want GCNotify to restrict its role permissions,
So that if a component at risk does not lend to further exploit.
WHY are we building?
Better security.
WHAT are we building?
Restricting permissions provided to roles. Potentially via the aws iam access analyzer which can report which access is necessary or these that are too wide. Also the CLI tool iamlive seems handy.
Description
As a security ops, I want GCNotify to restrict its role permissions, So that if a component at risk does not lend to further exploit.
WHY are we building?
Better security.
WHAT are we building?
Restricting permissions provided to roles. Potentially via the aws iam access analyzer which can report which access is necessary or these that are too wide. Also the CLI tool iamlive seems handy.
VALUE created by our solution
Trust and security in our software.
Acceptance Criteria
To be completed.
QA Steps
To be completed.
Resources