Skip to content
The Mozilla federated policy builder helps craft AWS IAM Roles that permit users to assume those roles using a federated identity.
Python
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
mozfederatedpolicybuilder
tests
.gitignore
.travis.yml
README.md
setup.py
tox.ini

README.md

mozfederatedpolicybuilder

PyPI version Build Status

The Mozilla federated policy builder helps craft AWS IAM Roles that permit users to assume those roles using a federated identity.

Installation

pip install mozfederatedpolicybuilder

Usage

mozfederatedpolicybuilder

You'll be prompted to choose what type of output you want

Policy format options :
* c/cloudformation : A YAML CloudFormation template which provisions a
    federated IAM role
* j/json-cloudformation : A JSON CloudFormation template which provisions a
    federated IAM role
* a/awscli : An AWS CLI command line command which creates a federated IAM role
* p/policy : The JSON trust relationship portion of the IAM policy (this can be
    copy pasted into the web console)

What format would you like the policy returned in? (c/cloudformation / a/awscli / j/json)

Select an output type. You'll be prompted for the groups you want to grant access

User groups can be granted access to the federated IAM role.
* Supported : Allow users in the group foo to assume the IAM role : "foo"
* Supported : Allow users in the group foo as well as users in the group bar to
    assume the IAM role : "foo,bar"
* Supported : Allow users in any group that begins with "foo_" : "foo_*"
What groups would you like to grant access to this role?

You'll next be prompted for the name of the AWS IAM Role

What name would you like for the AWS IAM Role?

Finally the tool will return the policy details in the format you've requested

You can’t perform that action at this time.