https://pulumi.com logo
#general
Title
# general
s

straight-insurance-5631

12/19/2023, 4:32 PM
Hello Pulumi Community, I'm currently working on a project where I'm using Pulumi to manage AWS resources. I'm looking for advice or tools that could help in automatically generating IAM policies based on the AWS API calls made by my Pulumi scripts. I have tried using iamlive : https://github.com/iann0036/iamlive, but it is not logging all apis. Any suggestions here?
b

billowy-army-68599

12/19/2023, 4:49 PM
IAM live works, you just need to configure it correctly
s

straight-insurance-5631

12/19/2023, 4:53 PM
In one terminal : I am executing the following before running the pulumi code (pulumi up -y),
Copy code
export AWS_CSM_ENABLED=true
export AWS_CSM_PORT=31000
export AWS_CSM_HOST=127.0.0.1
and in another terminal I am executing below :
/code/iamlive/iamlive --set-ini --output-file policy5.json
I am getting the list of API calls but i suspect majority calls are missing there, I am create an eks cluster but there is no access related to eks in the output file. Any idea what could be wrong here?
b

billowy-army-68599

12/19/2023, 7:11 PM
why do you suspect that? if you’re seeing output it should be working