We welcome all contributions to IAM Zero. Please read our Contributor Code of Conduct.
IAM Zero consists of multiple services.
The Collector ingests events sent from IAM Zero clients. The Collector is responsible for checking authentication tokens and processing events through least-privilege advisories to create least-privilege policies.
The Console is a web application and API which allows users to query the events and policies generated by the Collector.
The all-in-one service runs both the Collector and the Console in a single process! It's designed to make development and testing as easy as possible.
This project is a web service with the backend written in Go and frontend written in React and TypeScript. To run this project locally you will need:
- Go 1.16
- NodeJS v14
- Yarn 1.22
This project utilises Go Modules to manage Go dependencies.
The frontend is in the web
folder in the repo. To build and run the frontend, first install the NodeJS dependencies:
cd web
yarn install
Then run the React application:
yarn start
You will see the app on http://localhost:3000 by default.
To build and run the backend, run the command:
go run cmd/all-in-one/main.go -token-storage-backend=inmemory
The backend web application API is served on http://localhost:14321 by default. The collector HTTP endpoint, used to receive IAM Zero events from client libraries, is served on http://localhost:13991 by default.
To run tests with the Postgres database, run
make test-postgres
This will require Postgres running locally via the docker-compose.yml
file.
CloudFormation templates are currently a work-in-progress. These can be packaged and deployed as follows (note: requires access to the iamzero sandbox AWS account, otherwise you can create your own S3 bucket):
aws cloudformation package --template-file ./deploy/root.yml --output-template ./deploy/packaged.yml --s3-bucket iamzero-dev-cloudformation
aws cloudformation deploy --template-file TEMPLATE_FILE_FROM_PREVIOUS_STEP --stack-name iamzero --parameter-overrides CertificateArn=<CERTIFICATE_ARN_FOR_IAMZERO>