Skip to content

Latest commit

 

History

History
72 lines (43 loc) · 2.26 KB

CONTRIBUTING.md

File metadata and controls

72 lines (43 loc) · 2.26 KB

Contributing to iamzero

We welcome all contributions to IAM Zero. Please read our Contributor Code of Conduct.

Overview

IAM Zero consists of multiple services.

Collector

The Collector ingests events sent from IAM Zero clients. The Collector is responsible for checking authentication tokens and processing events through least-privilege advisories to create least-privilege policies.

Console

The Console is a web application and API which allows users to query the events and policies generated by the Collector.

All-In-One

The all-in-one service runs both the Collector and the Console in a single process! It's designed to make development and testing as easy as possible.

Getting set up

This project is a web service with the backend written in Go and frontend written in React and TypeScript. To run this project locally you will need:

  • Go 1.16
  • NodeJS v14
  • Yarn 1.22

This project utilises Go Modules to manage Go dependencies.

The frontend is in the web folder in the repo. To build and run the frontend, first install the NodeJS dependencies:

cd web
yarn install

Then run the React application:

yarn start

You will see the app on http://localhost:3000 by default.

To build and run the backend, run the command:

go run cmd/all-in-one/main.go -token-storage-backend=inmemory

The backend web application API is served on http://localhost:14321 by default. The collector HTTP endpoint, used to receive IAM Zero events from client libraries, is served on http://localhost:13991 by default.

Testing Postgres

To run tests with the Postgres database, run

make test-postgres

This will require Postgres running locally via the docker-compose.yml file.

CloudFormation templates

CloudFormation templates are currently a work-in-progress. These can be packaged and deployed as follows (note: requires access to the iamzero sandbox AWS account, otherwise you can create your own S3 bucket):

aws cloudformation package --template-file ./deploy/root.yml --output-template ./deploy/packaged.yml --s3-bucket iamzero-dev-cloudformation

aws cloudformation deploy --template-file TEMPLATE_FILE_FROM_PREVIOUS_STEP --stack-name iamzero --parameter-overrides CertificateArn=<CERTIFICATE_ARN_FOR_IAMZERO>