Netflix-Skunkworks/repokid-extras

Name: repokid-extras

Owner: Netflix-Skunkworks

Description: null

Created: 2018-04-23 16:29:07.0

Updated: 2018-05-09 20:01:47.0

Pushed: 2018-04-25 19:59:56.0

Homepage: null

Size: 8

Language: Python

GitHub Committers

UserMost Recent Commit# Commits

Other Committers

UserEmailMost Recent Commit# Commits

README

Repokid

Gitter chat

NetflixOSS Lifecycle

Repokid Extras

Repokid Extras is a repository for helper scripts, plugins, and others for Repokid. As a Skunkworks project these are not maintained or supported officially, but if you have questions you can ask in our Gitter channel and we'll do our best to help you.

cloudtrail-hook

CloudTrail hook is a reference implemenation of using AWS CloudTrail to take away permissions beyond the service level that Access Advisor provides. In our implementation we are querying ElasticSearch, but CloudTrail could be stored in other forms such as Amazon Athena as well. The important part is implementing the DURING_REPOABLE_CALCULATION hook and modifying the passed potentially_repoable_permissions.

This work is supported by the National Institutes of Health's National Center for Advancing Translational Sciences, Grant Number U24TR002306. This work is solely the responsibility of the creators and does not necessarily represent the official views of the National Institutes of Health.