Support integration w/ IAM roles (not just access keys)
varunjain99 opened this issue · 2 comments
varunjain99 commented
Some support for implementing this here: https://www.reddit.com/r/cloudsecurity/comments/11s1wn4/zeuscloud_an_open_source_cloud_security_platform/
varunjain99 commented
We will use aws config / credentials for integration w/ IAM roles.
The plan is as follows:
- Mount config/credentials to cartography containers in dev
- Expose API endpoint from cartography to get profiles
- Cartography should be able to run a sync given a profile
- Test and lint all cartography changes
- Backend should get possible profiles and expose API for frontend to call
- Backend should allow adding account through profile and storing that in the postgres db
- Frontend form should accept profile and default to that instead of access key setup
- Scenarios to test
- default profile synced
- non-default profile synced
- access key based sync
- invalid profile sync
- access key sync w/ empty creds
- access key sync when mount doesn't work
- profile sync when mount doesn't work
- Update prod yaml and push to dockerhub
- Update docs
- Update demo env
varunjain99 commented
Closing #115