CSM

Silly tool for debugging AWS IAM policies.

Refer to the official docs for details

Installation

go get github.com/pschulten/csm

or download the binary from the releases

Usage

Run the server in one shell:

csm

Enable CSM and do some AWS API calls in another shell:

export AWS_CSM_ENABLED=true
aws kms describe-key --key-id 5492cc29-0843-40e7-87e5-c677959bc7dd
aws s3 ls
aws s3 ls s3://ALLOWED_BUCKET
aws s3 ls s3://FORBIDDEN_BUCKET

See your report in the first shell. Stop the server with C-c.

$ csm
200 KMS:DescribeKey                                    kms.eu-central-1.amazonaws.com
200 S3:ListBuckets                                     s3.eu-central-1.amazonaws.com
200 S3:ListObjectsV2                                   ALLOWED_BUCKET.s3.eu-central-1.amazonaws.com
403 S3:ListObjectsV2                                   FORBIDDEN_BUCKET.s3.eu-central-1.amazonaws.com
^C
$

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
.gitignore		.gitignore
.golangci.yml		.golangci.yml
.goreleaser.yml		.goreleaser.yml
LICENSE		LICENSE
README.md		README.md
go.mod		go.mod
go.sum		go.sum
main.go		main.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CSM

Installation

Usage

About

Releases 1

Packages

Languages

License

pschulten/csm

Folders and files

Latest commit

History

Repository files navigation

CSM

Installation

Usage

About

Resources

License

Stars

Watchers

Forks

Releases 1

Packages 0

Languages

Packages