@cloud-copilot/iam-lens 0.1.50 → 0.1.51

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/README.md +26 -0
  2. package/package.json +1 -1
package/README.md CHANGED
@@ -13,6 +13,7 @@ Get visibility into the IAM permissions in your AWS organizations and accounts.
13
13
  5. [Commands](#commands)
14
14
  - [simulate - Simulate a request](docs/Simulate.md)
15
15
  - [who-can - Find who can perform an action on a resource](docs/WhoCan.md)
16
+ - [principal-can - Get a consolidated policy of all permissions for a principal](docs/PrincipalCan.md)
16
17
  - [Global CLI Options](docs/GlobalCliOptions.md)
17
18
  6. [Contributing & Support](#contributing--support)
18
19
  7. [Acknowledgements](#acknowledgements)
@@ -163,6 +164,31 @@ iam-lens who-can \
163
164
 
164
165
  [Full who-can documentation](docs/WhoCan.md)
165
166
 
167
+ ### `principal-can` - Get a consolidated policy of all permissions for a principal
168
+
169
+ ```bash
170
+ iam-lens principal-can --principal <arn> [--shrink-action-lists]
171
+ ```
172
+
173
+ Creates a consolidated policy document showing all permissions that a principal can perform based on their identity policies, permission boundaries, SCPs, RCPs, and resource policies. The output is a synthesized IAM policy representing the effective permissions after all policy evaluations.
174
+
175
+ [Full principal-can documentation](docs/PrincipalCan.md)
176
+
177
+ **Examples:**
178
+
179
+ ```bash
180
+ # Get all permissions for a user or role
181
+ iam-lens principal-can \
182
+ --principal arn:aws:iam::123456789012:user/Alice
183
+
184
+ # Get permissions for a role with shrunk action lists
185
+ iam-lens principal-can \
186
+ --principal arn:aws:iam::123456789012:role/MyRole \
187
+ --shrink-action-lists
188
+ ```
189
+
190
+ [Full principal-can documentation](docs/PrincipalCan.md)
191
+
166
192
  ## Contributing & Support
167
193
 
168
194
  The best way to support is to [open an issue](https://github.com/cloud-copilot/iam-lens/issues) and let us know of any bugs, feature requests, or questions you have. We're always looking for ways to improve the project and make it more useful for everyone.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@cloud-copilot/iam-lens",
3
- "version": "0.1.50",
3
+ "version": "0.1.51",
4
4
  "description": "Visibility in IAM in and across AWS accounts",
5
5
  "keywords": [
6
6
  "aws",