Introducing the IAM Policy Catalog
Since we first launched the IAM Pulse community a few months ago, our members have contributed a wealth of knowledge in article form – topics ranging from AWS IAM Permissions Boundaries to designing least privilege access controls to serverless deployments. We aim to give cloud professionals a platform to share their expertise and build their personal brand in a low-effort, high-impact way. I’m excited to introduce a new type of technical content that our members can publish, and the community as a whole can engage with – IAM Policy documents.
Policies are the backbone of each cloud provider’s IAM services. They specify who can do what under which conditions. Every cloud provider has a unique (and complex) specification for IAM policies; however, each can be represented as a JSON document. When designing for least privilege access, it’s best to avoid the defaults and customize policies to the nature of your workloads and your teams. But have you ever opened up your code editor and stared blankly, unsure where to start? Our IAM Policy Catalog is a place to browse usable and customizable examples to get you on your way.
Using the IAM Policy Catalog
The IAM Policy Catalog is a browsable and searchable index of member-contributed IAM Policy documents, filterable by provider and service. Want to keep your team’s permissions fine-grained by tag? Spinning up a Lambda function and want to write a policy for the attached role? Find an example from the community here. Once you find a policy that matches your needs, you can tailor it to your environment by substituting your own values for the inline variables.
Community members can contribute their own examples to the Catalog through a simple form wizard. Each Policy is specified for a particular cloud provider, and optionally tagged with the services it affects, such as Amazon EC2 and S3. Paste your JSON code in the editor and add any documentation as markdown. To help the reader customize, follow the instructions to carve out variables individually. When you’re ready, publish your Policy to get it added to the Catalog.
Start browsing the IAM Policy Catalog today. Membership in the IAM Pulse community is free – to publish a Policy to the Catalog, sign up for an account here to personalize your profile and start contributing your knowledge. Shared learning drives collective intelligence!