Features
init: Downloads the IAM service specific actions, arn format and
conditions to a file named iam.json in the current folder. Also creates
a sample file named equivalency_list.json which could be used to ignore
known string patterns in the IAM role names to be ignored to reduce
false positives while running the diff command later.
listprofiles: Lists all CLI profiles available.
harvest: Downloads the IAM Roles, policies expands glob patterns,
matches resources to service actions and writes the output as csv to
default <user_home>/aws-idt directory with a time based folder
structure.
diff: Compares the two accounts supplied as input for differences in
IAM roles, policies by first harvesting from both accounts and then
applying the equivalency string patterns to ignore known false positive
triggers. Write several summary level and granular to files to the
default <user_home>/aws-idt directory with a time based folder
structure.