IAM action-specific resources lint
IAM actions can either accept a resource to be scoped by, or they should be passed `*` (for all resources).
It would be nice to have an informational lint rule that would be able to check statements used in IAM resources, and based on the action, decide whether the resource is correct (`*` for actions that cannot be scoped, and NOT `*` for those that can).
Issue Analytics
- State:
- Created 3 years ago
- Comments: 6 (5 by maintainers)
Another option is to use the Access Analyzer policy validation. That would require AWS credentials, and might run into issues with !Sub and !Ref, but maybe some findings can be ignored if those are present.
Parliament should tell you what actions are resource-less per the SAR (though that does have some missing actions, somewhat captured here).
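
A sketch of the rule the issue asks for, as an added example that is not code from cfn-lint, Parliament, or anyone in this thread. The action table is a small constructed excerpt (a real rule would load it from the SAR), and `lint_statement` and `RESOURCE_SCOPABLE` are hypothetical names. Intrinsic functions such as `Fn::Sub` are treated as scoped resources, since they cannot be resolved at lint time.

```python
# Constructed excerpt: action (lower-cased) -> supports resource-level
# permissions. Assumption: a real rule loads this from the Service
# Authorization Reference (SAR) instead of hard-coding it.
RESOURCE_SCOPABLE = {
    "s3:getobject": True,
    "dynamodb:getitem": True,
    "sqs:sendmessage": True,
    "s3:listallmybuckets": False,
    "ec2:describeinstances": False,
}


def _as_list(value):
    """IAM allows a single value or a list for Action and Resource."""
    return value if isinstance(value, list) else [value]


def lint_statement(statement):
    """Return informational findings for one policy statement (a dict)."""
    findings = []
    resources = _as_list(statement.get("Resource", []))
    # Intrinsics (Ref, Fn::Sub, Fn::GetAtt) arrive as dicts and cannot be
    # resolved here, so only a literal "*" counts as a wildcard.
    has_star = any(r == "*" for r in resources)
    has_scoped = any(r != "*" for r in resources)
    for action in _as_list(statement.get("Action", [])):
        scopable = RESOURCE_SCOPABLE.get(str(action).lower())
        if scopable is None:
            continue  # wildcard or unknown action: stay silent
        if scopable and has_star:
            findings.append(f"{action}: can be scoped, but Resource is '*'")
        elif not scopable and has_scoped and not has_star:
            findings.append(f"{action}: cannot be scoped, Resource must be '*'")
    return findings


SAMPLE_STATEMENTS = [  # constructed input, as parsed from a template
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListAllMyBuckets"],
     "Resource": "*"},
    {"Effect": "Allow", "Action": "ec2:DescribeInstances",
     "Resource": {"Fn::Sub": "arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:instance/*"}},
    {"Effect": "Allow", "Action": "dynamodb:GetItem",
     "Resource": {"Fn::GetAtt": ["Table", "Arn"]}},
]

if __name__ == "__main__":
    for stmt in SAMPLE_STATEMENTS:
        for finding in lint_statement(stmt):
            print(finding)
```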