Summary

The glassechidna/trackiam project addresses the complexity of AWS Identity and Access Management (IAM) by collating IAM actions, AWS APIs, and managed policies from public sources. It provides a centralized, searchable dataset for security engineers and cloud administrators to better understand and manage AWS permissions. The benefit is a clearer, more accessible overview of AWS's extensive IAM landscape.

How It Works

This project systematically collects and aggregates IAM-related data, including service actions and managed policies, from various public AWS resources. The collected information is then organized and published directly within the repository in policies and services folders, making it readily accessible for analysis. This approach offers a consolidated view of AWS's IAM components, simplifying the process of auditing and understanding permissions.

Quick Start & Requirements

The README does not provide specific installation or execution instructions. The collected data is published directly to the policies and services folders within the repository. Users can explore this data via a static site, though a link to this site is not provided in the README. No specific software prerequisites are mentioned.

Highlighted Details

• The project tracks 453 unique AWS services, 20,998 unique IAM actions, and 1,472 managed policies.
• Common IAM policy name prefixes include AWS* (399 policies), Amazon* (358 policies), and aws-service-role/* (336 policies).
• Analysis reveals discrepancies between AWS APIs and IAM actions, with services like EC2 having 155 IAM actions without corresponding invokable APIs, and S3 having 60 invokable APIs without corresponding IAM actions.
• The most frequent IAM action prefixes are List (3481 occurrences), Get (3157), and Delete (2403).

Maintenance & Community

The provided README does not contain information regarding project maintainers, community channels (e.g., Discord, Slack), sponsorships, or a public roadmap.

Licensing & Compatibility

The README does not specify a software license. Therefore, its terms for use, modification, and distribution, especially for commercial purposes, are unclear.

Limitations & Caveats

The project's data is derived from "various public sources," implying potential limitations in data freshness or completeness. The absence of explicit versioning or update frequency information means users should verify the recency of the collected IAM data. The lack of a specified license also presents a significant adoption blocker for many use cases.