Limit permissions asked for miserbot

concurrencylabs / aws-cost-analysis

Tools that make it easier to analyze AWS Cost and Usage reports. Initial version provides support for Athena and QuickSight.

GNU General Public License v3.0

173 stars 43 forks source link

Limit permissions asked for miserbot #16

Closed Sytten closed 5 years ago

Sytten commented 5 years ago

I don't know if people realize that the permissions give readonly access to a LOT of stuff including secrets... I would be appreciated if you could limit those permissions to only what is necessary for the bot to operate.

concurrencylabs commented 5 years ago

Thank you for your comment. The bot also performs analysis on cost optimizations, for which it needs to have some degree of read access. We will take a closer look and restrict the policy to deny access on operations that are not necessary for cost optimization analysis. In the meanwhile, this repository is not used to keep track of MiserBot issues. We will add this issue to our backlog. If you'd like to follow up on this, please feel free to contact us at support@concurrencylabs.com