Sometimes the AWS documentation is incorrect - for example, as of today, I have the following documentation change requests still open with AWS:
Systems Manager:
ssm:PutParameter is listed as “Tagging” on the “Actions, Resources, and Conditions Keys” page. Should be “Write”.
CloudWatch Events:
The entire events (CloudWatch Events) API is missing from the “Actions, Resources, and Conditions Keys” page. CloudWatch Events is now EventBridge.
EC2:
The following actions are listed as “Write” access level on the “Actions, Resources, and Conditions Keys” page. They should be “Permissions management”:
ec2:ResetSnapshotAttribute
ec2:CreateNetworkInterfacePermission
ec2:DeleteNetworkInterfacePermission
ec2:ModifyVpcEndpointServicePermissions
Additionally, there are some items that are listed appropriately for the purposes of the AWS documentation itself, but should be considered as "Permissions Management" access level for the purposes of this tool. For example:
All actions under IAM that are listed at the "Write" access level should be "Permissions Management" for the purposes of this tool.
All actions under RAM that are listed at the "Write" access level should be "Permissions Management" for the purposes of this tool.
Therefore, I should be able to supply a YML file at policy_sentry initialize time that overrides the Access level provided by the documentation. That way, we don't have to wait for AWS to update their docs to have the proper access levels in place.
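A sketch of how such an override could be applied on top of the documented access levels, added here as an illustration and not taken from policy_sentry's code. The rule layout (`match`, `only_if`, `set`), the function name, the sample table and the `events:PutRule` entry are assumptions constructed for the example.

```python
"""Added example: hypothetical override rules, not policy_sentry's own format."""
from fnmatch import fnmatchcase

VALID_LEVELS = {"List", "Read", "Write", "Tagging", "Permissions management"}

# Constructed sample of access levels as scraped from the AWS docs pages.
DOCUMENTED = {
    "ssm:PutParameter": "Tagging",
    "ec2:ResetSnapshotAttribute": "Write",
    "ec2:DescribeInstances": "List",
    "iam:CreateRole": "Write",
    "iam:ListRoles": "List",
    "ram:CreateResourceShare": "Write",
}

# Rules as they might look once the YML file is loaded (layout is assumed).
# "only_if" restricts a rule to actions whose documented level matches.
OVERRIDES = [
    {"match": "ssm:PutParameter", "set": "Write"},
    {"match": "ec2:ResetSnapshotAttribute", "set": "Permissions management"},
    {"match": "iam:*", "only_if": "Write", "set": "Permissions management"},
    {"match": "ram:*", "only_if": "Write", "set": "Permissions management"},
    {"match": "events:PutRule", "set": "Write"},  # service absent from the docs table
]

def apply_overrides(documented, overrides):
    """Return (effective levels, list of (action, old, new)); later rules win."""
    effective, changes = dict(documented), []
    for rule in overrides:
        pattern, new = rule["match"], rule["set"]
        if new not in VALID_LEVELS:
            raise ValueError(f"unknown access level {new!r} in rule {rule}")
        # IAM action names are case-insensitive, so compare in lower case.
        targets = [a for a in effective if fnmatchcase(a.lower(), pattern.lower())]
        if not targets and "*" not in pattern and "only_if" not in rule:
            targets = [pattern]  # exact rule for an action missing from the docs
        for action in targets:
            old = effective.get(action)
            if rule.get("only_if", old) != old:
                continue
            if old != new:
                effective[action] = new
                changes.append((action, old, new))
    return effective, changes

if __name__ == "__main__":
    for action, old, new in apply_overrides(DOCUMENTED, OVERRIDES)[1]:
        print(f"{action}: {old or 'undocumented'} -> {new}")
```

Returning the change list alongside the effective table lets the initialize step log exactly which documented levels were overridden.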