iam-temp-delegation-review
Installation
SKILL.md
Overview
This skill reviews IAM temporary delegation policy bundles (templates + boundaries) through a multi-stage pipeline. Stages are strictly gated — later stages do NOT run if earlier stages find critical issues.
Gotchas
- Pattern-matching a missing condition key is not enough to emit a finding. You MUST reason about whether the attack path is actually achievable with the permissions granted in this bundle. If the threat requires an action not present in the bundle, the finding is noise — not a vulnerability.
- Do NOT infer bundle metadata (partner domain, template name) from policy file content. These are registration-specific values — always ask the user.
sar_context.jsonis the single source of truth for condition key support. IAM silently ignores unsupported condition keys — they parse but never enforce. Never recommend a key not listed in SAR data.- Permission boundaries are pre-registered static policies. They do NOT support
@{...}parameterization. Only delegation templates support placeholders. iam:TagRoledoes NOT support theiam:PermissionsBoundarycondition key, even though it seems logical. The reviewer will suggest it — the verifier must catch it.- Permission-only actions (empty
resource_typesin SAR) cannot be resource-scoped.Resource: "*"is correct and cannot be narrowed. aws:RequestTagonly applies during creation/tagging. Using it on describe/modify actions always fails silently.- The
run_checks.pyscript prints registry artifact paths. Steps 4+ must use those paths, not the original input paths. - Partners do NOT need
iam:CreatePolicyfor boundaries — IAM provisions them automatically. Flag it as a design error. - Allow-overlap (Pattern 2) requires service-awareness. A boundary with
*in the account field only creates exploitable overlap for cross-account-capable services (S3, Lambda layers, KMS via grants, STS). For account-local services (CloudFormation, CloudWatch, EC2, DynamoDB, RDS, Secrets Manager, CodeBuild), the API physically cannot reach resources in another account —*account scope is cosmetic, not a vulnerability. Flag account-local overlaps aslowhygiene findings, notmedium/highsecurity findings.