Skip to main content

AWS IAM operations

v0.1.5

IAM introspection — users, roles, policies, attached policies, access keys — plus incident-response mutators: deactivate access key, delete access key, detach user policy. Auth via AWS_PROFILE. Routine IAM changes belong in IaC; these actions are for emergency lockout.

8 allowed by default 1 need approval 2 denied by default
Pack ID
aws-iam
Vendor
emisar
OS
linux
Actions
11
Required binaries. Install these on the host before relying on the pack — an action that calls a missing one fails at run time.
aws

Install

emisar pack install validates the pack and verifies its content hash before copying it into /etc/emisar/packs. The --hash below pins the install to the exact bytes on this page — a tampered copy is rejected. After install, reload the runner; it re-reads the catalog and advertises every action.

content hash: sha256:62e9a24cf314ac855c8441a1e2002d39f9463904a14efa71bb97d8f6ab3f10eb

on the runner host
sudo emisar pack install aws-iam \
  --hash sha256:62e9a24cf314ac855c8441a1e2002d39f9463904a14efa71bb97d8f6ab3f10eb \
  --dest /etc/emisar/packs

# Reload so the runner re-reads the catalog:
sudo systemctl reload emisar

Actions 11 total

View on GitHub