AWS Reference Information Service: Making Policy Automation
Workflows for policy administration can be automated with the aid of JSON-formatted service reference data from Amazon Web Services (AWS)
Supporting AWS's growing number of services and actions is a key customer demand that the reference information service meets
You may choose to automate your policy management operations as your company grows and your AWS footprint increases
Replace with the required AWS service, such as “s3” for Amazon Simple Storage Service (Amazon S3) or “ec2” for Amazon Elastic Compute Cloud
These tools are available for you to use and modify to suit your needs in our GitHub repository:
Pre-processor for service control policy (SCP)
A notification mechanism for IAM actions that have been added or withdrawn
The SCP pre-processor simplifies SCP writing. It is a command-line utility that takes a single JSON file, optimises and transforms it, and outputs a list of valid service control policies that meet policy size constraints
AWS policies may need to be updated when new IAM actions or services are released. This tool can notify you of new or discontinued actions or services
It works by downloading the service reference data and comparing it to the version of the files saved by the tool's most recent run. These notifications can be used to manually check for sensitive actions or automatically update IAM policies as new actions are added
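The comparison step described above, as an added example (not the code from the GitHub repository the page mentions): it diffs two constructed snapshots of service reference data and picks out newly added actions that match a watch list for manual review. The `Name`/`Actions` field layout, the services `examplesvc` and `demo`, and the watch-list patterns are assumptions made for this example.

```python
import fnmatch

# Constructed snapshots keyed by service prefix; "examplesvc" and "demo" are
# made-up services, and the "Name"/"Actions" layout is assumed for this example.
PREVIOUS = {
    "examplesvc": {"Name": "examplesvc", "Actions": [
        {"Name": "GetWidget"}, {"Name": "ListWidgets"}, {"Name": "ExportWidget"}]},
}
CURRENT = {
    "examplesvc": {"Name": "examplesvc", "Actions": [
        {"Name": "GetWidget"}, {"Name": "listwidgets"}, {"Name": "PutWidgetPolicy"}]},
    "demo": {"Name": "demo", "Actions": [{"Name": "DeleteKey"}, {"Name": "DescribeKey"}]},
}

# Hypothetical watch list: patterns a reviewer wants to check by hand.
SENSITIVE = ["*:Delete*", "*:Put*Policy", "*:Create*Key"]


def actions(snapshot):
    """Map lowercased 'service:action' -> display form. IAM action names are
    case-insensitive, so a casing change must not look like add + remove."""
    out = {}
    for doc in snapshot.values():
        for act in doc.get("Actions", []):
            full = f'{doc["Name"]}:{act["Name"]}'
            out[full.lower()] = full
    return out


def diff_snapshots(previous, current):
    """Return added/removed actions and services between two tool runs."""
    old, new = actions(previous), actions(current)
    return {
        "added_actions": sorted(new[k] for k in new.keys() - old.keys()),
        "removed_actions": sorted(old[k] for k in old.keys() - new.keys()),
        "added_services": sorted(current.keys() - previous.keys()),
        "removed_services": sorted(previous.keys() - current.keys()),
    }


def needs_review(added, patterns=SENSITIVE):
    """Added actions matching a watch-list pattern (case-insensitive)."""
    return [a for a in added
            if any(fnmatch.fnmatchcase(a.lower(), p.lower()) for p in patterns)]


if __name__ == "__main__":
    report = diff_snapshots(PREVIOUS, CURRENT)
    print(report, "review by hand:", needs_review(report["added_actions"]))
```

An empty `previous` snapshot (the first run) reports every service and action as added, which gives a baseline to review once.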
The AWS reference information service simplifies policy creation and validation automation