Considering Availability of Credentials in Querying

nccgroup / PMapper

A tool for quickly evaluating IAM permissions in AWS.

GNU Affero General Public License v3.0

1.37k stars 169 forks source link

Considering Availability of Credentials in Querying #46

Closed ncc-erik-steringer closed 3 years ago

ncc-erik-steringer commented 4 years ago

Along the lines of #44, maybe we can add a --consider-creds arg to the query subcommands to ignore users with inactive creds (but only as the "root" of a chain of principals since other users would have to create active creds to gain access to them).

Definitely not the default setting for queries tho, since PMapper should focus more on interpreting IAM Policies.

ncc-erik-steringer commented 3 years ago

Dropping, value-add is too small.