Skip to content

v0.3.0 - k9 risks command for over-accessible-resources & over-permissioned-principals

Choose a tag to compare

View all tags
@skuenzli skuenzli released this 29 Aug 23:24
· 16 commits to main since this release
v0.3.0
43928e6
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

This release of k9 CLI adds two new risks queries:

  1. over-accessible-resources
  2. over-permissioned-principals

These similar commands process resource access summary reports and principal access summary reports respectively. Each uses three specialty flags:

  1. A list of strings called services
  2. An int max-admin
  3. Another int max-rwd

These queries will filter and report resources or principals that match the service qualifier, and violate the specified admin or read-write-delete limit.

k9 query risks over-accessible-resources \
    --customer_id C10001 \
    --account 720226181253 \
    --analysis-date 2022-06-14 \
    --format json \
    --service S3 \
    --max-admin 1 \
        | jq '.[].resource_arn'
k9 query risks over-permissioned-principals \
    --customer_id C10001 \
    --account 720226181253 \
    --analysis-date 2022-06-14 \
    --format json \
    --service S3 \
    --max-admin 2 \
        | jq '.[].principal_arn'
Assets 5
Loading