"iamlive" Action For GitHub Actions
ActionsCapture the used AWS IAM permissions using client-side monitoring (CSM) from your GitHub actions workflow
v1.0.0
This Github action installs iamlive and allows to capture the used AWS IAM permissions using client-side monitoring (CSM).
Only installs iamlive
env:
AWS_CSM_ENABLED: 'true'
steps:
- uses: marcofranssen/[email protected]
with:
iamlive-version: v0.53.0
- run: ./iamlive --background --sort-alphabetical --output-file iamlive-policy.json
- run: |
aws s3 mb s3://test-bucket
aws s3 ls
- if: ${{ always() }}
run: |
echo "Waiting 60 secs for iamlive to process all the permissions"
sleep 60
while ps -ef | grep iamlive | grep -v grep
do
kill -s SIGTERM `ps -ef | grep iamlive | grep -v grep | awk '{print $2}'`
sleep 1
done
cat iamlive-policy.json
- if: ${{ always() }}
uses: actions/upload-artifact@v3
with:
name: iamlive-policy.json
path: iamlive-policy.jsonStarts iamlive automatically in the background and uses the post execution step to shutdown iamlive and upload the policy document.
env:
AWS_CSM_ENABLED: 'true'
steps:
- uses: marcofranssen/[email protected]
with:
iamlive-version: v0.53.0
auto-capture: true
output-file: iamlive-policy.json
- run: aws s3 ls
"iamlive" Action For GitHub Actions is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.
About
v1.0.0
"iamlive" Action For GitHub Actions is not certified by GitHub. It is provided by a third-party and is governed by separate terms of service, privacy policy, and support documentation.