iann0036 / aws.permissions.cloud

A crowdsourced AWS IAM permissions reference.
https://aws.permissions.cloud
MIT License
84 stars, 9 forks

Parse Custom Policy JSON To Permissions Cloud Effective Actions Table #2

Closed viveksupe closed 2 years ago

viveksupe commented 2 years ago

Similar to: https://bigorange.cloud/actions/

Code: https://github.com/rowanu/boc-effective

Sample Input:

```json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:get*",
            "Resource": "*"
        }
    ]
}
```

ACTION | BASED ON | ACCESS LEVEL
-- | -- | --
s3:GetAccelerateConfiguration | s3:Get* | Read
s3:GetAccessPoint | s3:Get* | Read
s3:GetAccessPointConfigurationForObjectLambda | s3:Get* | Read
s3:GetAccessPointForObjectLambda | s3:Get* | Read
s3:GetAccessPointPolicy | s3:Get* | Read
s3:GetAccessPointPolicyForObjectLambda | s3:Get* | Read
s3:GetAccessPointPolicyStatus | s3:Get* | Read
s3:GetAccessPointPolicyStatusForObjectLambda | s3:Get* | Read
s3:GetAccountPublicAccessBlock | s3:Get* | Read
s3:GetAnalyticsConfiguration | s3:Get* | Read
s3:GetBucketAcl | s3:Get* | Read
s3:GetBucketCORS | s3:Get* | Read
s3:GetBucketLocation | s3:Get* | Read
s3:GetBucketLogging | s3:Get* | Read
s3:GetBucketNotification | s3:Get* | Read
s3:GetBucketObjectLockConfiguration | s3:Get* | Read
s3:GetBucketOwnershipControls | s3:Get* | Read
s3:GetBucketPolicy | s3:Get* | Read
s3:GetBucketPolicyStatus | s3:Get* | Read
s3:GetBucketPublicAccessBlock | s3:Get* | Read
s3:GetBucketRequestPayment | s3:Get* | Read
s3:GetBucketTagging | s3:Get* | Read
s3:GetBucketVersioning | s3:Get* | Read
s3:GetBucketWebsite | s3:Get* | Read
s3:GetEncryptionConfiguration | s3:Get* | Read
s3:GetIntelligentTieringConfiguration | s3:Get* | Read
s3:GetInventoryConfiguration | s3:Get* | Read
s3:GetJobTagging | s3:Get* | Read
s3:GetLifecycleConfiguration | s3:Get* | Read
s3:GetMetricsConfiguration | s3:Get* | Read
s3:GetMultiRegionAccessPoint | s3:Get* | Read
s3:GetMultiRegionAccessPointPolicy | s3:Get* | Read
s3:GetMultiRegionAccessPointPolicyStatus | s3:Get* | Read
s3:GetObject | s3:Get* | Read
s3:GetObjectAcl | s3:Get* | Read
s3:GetObjectLegalHold | s3:Get* | Read
s3:GetObjectRetention | s3:Get* | Read
s3:GetObjectTagging | s3:Get* | Read
s3:GetObjectTorrent | s3:Get* | Read
s3:GetObjectVersion | s3:Get* | Read
s3:GetObjectVersionAcl | s3:Get* | Read
s3:GetObjectVersionForReplication | s3:Get* | Read
s3:GetObjectVersionTagging | s3:Get* | Read
s3:GetObjectVersionTorrent | s3:Get* | Read
s3:GetReplicationConfiguration | s3:Get* | Read
s3:GetStorageLensConfiguration | s3:Get* | Read
s3:GetStorageLensConfigurationTagging | s3:Get* | Read
s3:GetStorageLensDashboard | s3:Get* | Read

I may need to understand the implementation you have, but it seems you pre-populate the managed policies into the table here. Any inputs?

https://raw.githubusercontent.com/iann0036/iam-dataset/main/managed_policies.json
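
The expansion requested above, sketched as an added example; it is not code from aws.permissions.cloud or boc-effective. The catalog is a constructed subset of S3 actions, and the names `CATALOG`, `asArray`, `patternToRegex` and `effectiveActions` are hypothetical. Only `Allow` statements and the `*` wildcard are handled.

```javascript
// Constructed sample catalog: a small subset of S3 actions with access levels.
// A real tool would load the full action list from a maintained dataset.
const CATALOG = [
  { action: "s3:GetBucketAcl", access: "Read" },
  { action: "s3:GetBucketPolicy", access: "Read" },
  { action: "s3:GetObject", access: "Read" },
  { action: "s3:GetObjectAcl", access: "Read" },
  { action: "s3:ListBucket", access: "List" },
  { action: "s3:PutObject", access: "Write" },
];

// IAM accepts a single string or an array for Statement and Action.
const asArray = (v) => (v === undefined ? [] : Array.isArray(v) ? v : [v]);

// Turn an IAM action pattern into an anchored, case-insensitive regex.
// Only the "*" wildcard is handled; every other character is literal.
function patternToRegex(pattern) {
  const escaped = pattern.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
  return new RegExp("^" + escaped.replace(/\*/g, ".*") + "$", "i");
}

// Expand Allow statements into rows of { action, basedOn, access }.
// Deny statements, NotAction, Resource and Condition are not evaluated here.
function effectiveActions(policy, catalog = CATALOG) {
  const rows = [];
  const seen = new Set();
  for (const stmt of asArray(policy.Statement)) {
    if (stmt.Effect !== "Allow") continue;
    for (const pattern of asArray(stmt.Action)) {
      const re = patternToRegex(pattern);
      for (const { action, access } of catalog) {
        const key = action + "|" + pattern.toLowerCase();
        if (!re.test(action) || seen.has(key)) continue;
        seen.add(key);
        rows.push({ action, basedOn: pattern, access });
      }
    }
  }
  return rows.sort((a, b) => a.action.localeCompare(b.action));
}

// The sample input from the issue.
const samplePolicy = {
  Version: "2012-10-17",
  Statement: [{ Effect: "Allow", Action: "s3:get*", Resource: "*" }],
};
console.table(effectiveActions(samplePolicy));
```

Because the output lists every concrete action a wildcard grants, it is a quick way to review a policy for access broader than intended before attaching it.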

iann0036 commented 2 years ago

Great suggestion!

Put this in today: https://permissions.cloud/policyevaluator

Thanks @rowanu for trailblazing <3

viveksupe commented 2 years ago

Thanks Ian! 🙏