Not showing permissions for most roles about repokid HOT 9 OPEN

Found the issue is that it only does in-line policies which AWS don't recommend - found another ticket that relates #33

from repokid.

Found the issue is that it only does in-line policies which AWS don't recommend - found another ticket that relates #33, it would be useful to have this clear in the documentation

from repokid.

@jonnieb007 I had this same revelation the other day when working with Repokid/Aadvark but I believe it does state that it only works on inline policies at the very top of the Readme.

Repokid uses Access Advisor provided by Aardvark to remove permissions granting access to unused services from the inline policies of IAM roles in an AWS account. - from the README

from repokid.

@jonnieb007 why does AWS not recommend inline policies? I believe managed policies are typically for cases where you want to attach the same policy to multiple principals in the same account.

from repokid.

See https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_managed-vs-inline.html#choosing-managed-or-inline "we recommend that you use managed policies instead of inline policies." We have moved to managed, could Repokid support managed polices?

from repokid.

Yes, I believe many others are interested in supporting managed policies for Repokid right now. This is not technically difficult with Repokid's architecture. If you are interested in picking this up I'm happy to help.

from repokid.

I’d be willing to work on this but wouldn’t mind a hand and getting started.

from repokid.

@curtis-turner You can also see #33, I'm trying to troubleshoot this atm. Looks like there's just one of the functions that drops all managed policy info, even though it's included in the program. Check the other ticket for my contact details if you'd like to reach out as well

from repokid.

I can help with testing but much of a programer

from repokid.