-
Notifications
You must be signed in to change notification settings - Fork 142
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support explicit deny #389
Comments
Hi @shinitiandrei! Thanks for opening an issue and digging through the documentation.
Just an obligatory disclaimer: I'm not working for Salesforce anymore and can't add new features to this project myself. If anyone wants to contribute, I am open to discussing it and happy to review any PRs/proposals. I originally created Policy Sentry as an opinionated approach to writing least privilege policies. I specifically avoided conditions and Deny effects to keep it simple. This doesn't fit every use case and it's not intended to - but enough time has passed to where I think this does make sense if we can keep it simple, and if we have some contributors who would like to take it on! With all that being said - I would be open to PRs that support:
|
Hi,
I've been reading your docs and tutorials, but I couldn't find anything around explicit deny, so I would like to see if you guys can implement it? As in: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policies_evaluation_example
For example in this policy:
Thank you!
The text was updated successfully, but these errors were encountered: