identifying date of last iam_data and if not updating iam data

[tekdj7]

Feature Requests

• Include a method in the parliament library to determine the date from when the iam_data was pulled.
• Include a method in the parliament library to state if iam_data is older than X days, that it will update iam_data.
• Also, if above options are not available in parliament CLI, then include an update argument there too.

Is awsdocs.py still the correct/best solution that should be used if we want to update the iam_data sooner than the parliament releases? (in the short-term, until this can be included in parliament directly)

[AndersonLovelace]

@kylelady @0xdabbad00 if it's not possible to update the code to include an update-iam-data CLI flag, could the utils/update_iam_data.py script be automated with GitHub Actions to run at a scheduled frequency? For example, every 7 days run the script to automatically update the iam_definition.json file and bump the version.

[tekdj7]

@kylelady @0xdabbad00 any updates on this?

[0xdabbad00]

This project does not use Policy Sentry's web scraping tool. We have our own at utils/update_iam_data.py. . We will not be automating the refresh of the data as this project is not maintained well enough for myself or anyone to be able to investigate when it breaks (and AWS breaks their docs periodically). So it is just manually refreshed whenever I think to do it or make a release. You can do it yourself whenever you like though.

In terms of wanting to know the date it was last refreshed, we'd just need to add a field to the json blob that is created that has the date and then add a function to read this. I'll accept a PR for that if you want to do it, but I don't have a need for it to want to do it myself. Or you could look at the date of the release somehow probably.