DEV Community



#27 Record AWS API calls to improve IAM Policies

cloudonaut Play Button Pause Button

Don't miss the our blog post Record AWS API calls to improve IAM Policies, the written version of this podcast episode.

Have you ever looked at an IAM policy and wondered: Is it really necessary to grant access to this specific action? Or do you need to know which API calls a legacy or 3rd party application is actually sending to come up with a secure IAM policy? CloudTrail can help here, but there is something better: Record API calls with the AWS SDKs and CLI (including the stuff that is not visible in CloudTrail).

In this episode, you learn to capture the data without touching source code. You also analyze the data and use the results to improve your IAM policies.

Feedback welcome!

We ask for feedback! Please rate or review our podcast on Apple Podcasts or wherever you listen to your favorite shows. Or send us a message via Twitter (Andreas and Michael) or LinkedIn (Andreas and Michael) or send us an email.

Episode source

Editor guide