graph LR
    IAM_Action_Query_Module["IAM Action Query Module"]
    IAM_ARN_Query_Module["IAM ARN Query Module"]
    IAM_Condition_Key_Query_Module["IAM Condition Key Query Module"]
    IAM_Service_Query_Module["IAM Service Query Module"]
    IAM_Aggregated_Query_Module["IAM Aggregated Query Module"]
    IAM_Aggregated_Query_Module -- "depends on" --> IAM_Action_Query_Module
    IAM_Aggregated_Query_Module -- "orchestrates" --> IAM_Action_Query_Module
    IAM_Aggregated_Query_Module -- "depends on" --> IAM_Service_Query_Module
    IAM_Aggregated_Query_Module -- "orchestrates" --> IAM_Service_Query_Module

Details

The IAM Data Query Engine subsystem exhibits a clear hierarchical relationship, with the IAM Aggregated Query Module (policy_sentry.querying.all) acting as a facade or orchestrator for the more granular query modules. It depends on and combines data from the IAM Action Query Module (policy_sentry.querying.actions) and the IAM Service Query Module (policy_sentry.querying.services). The IAM ARN Query Module and IAM Condition Key Query Module operate independently within this subsystem, providing specialized data retrieval capabilities that can be consumed by other parts of the system or directly by external components. This structure aligns with the "Data-Centric" and "Modularity for Policy Logic" architectural biases, ensuring specialized data access while providing aggregated views.
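
The facade relationship described above, sketched as an added example; it is not code from policy_sentry or from this page. The data set is constructed and every function name is a hypothetical stand-in for the corresponding query layer.

```python
# Constructed sample data standing in for the IAM definition database.
# All function names below are hypothetical, not policy_sentry's API.
IAM_DEFINITION = {
    "s3": {"GetObject": "Read", "ListBucket": "List",
           "PutObject": "Write", "PutBucketPolicy": "Permissions management"},
    "iam": {"ListUsers": "List", "CreateUser": "Write",
            "AttachUserPolicy": "Permissions management"},
    "kms": {"Decrypt": "Write", "CreateGrant": "Permissions management"},
}
ACCESS_LEVELS = {"Read", "List", "Write", "Tagging", "Permissions management"}


# --- service query layer: knows only about service prefixes ---
def get_service_prefixes(db=IAM_DEFINITION):
    return sorted(db)


# --- action query layer: per-service, action-specific lookups ---
def get_actions_for_service(prefix, db=IAM_DEFINITION):
    if prefix not in db:
        # Fail loudly: an empty list for a mistyped prefix would read as
        # "nothing to review" in an audit.
        raise ValueError(f"unknown service prefix: {prefix!r}")
    return sorted(f"{prefix}:{name}" for name in db[prefix])


def get_actions_with_access_level(prefix, level, db=IAM_DEFINITION):
    if level not in ACCESS_LEVELS:
        raise ValueError(f"unknown access level: {level!r}")
    return [a for a in get_actions_for_service(prefix, db)
            if db[prefix][a.split(":", 1)[1]] == level]


# --- aggregated layer: a facade that only orchestrates the two above ---
def get_all_actions(db=IAM_DEFINITION):
    return [a for p in get_service_prefixes(db)
            for a in get_actions_for_service(p, db)]


def get_all_actions_with_access_level(level, db=IAM_DEFINITION):
    return [a for p in get_service_prefixes(db)
            for a in get_actions_with_access_level(p, level, db)]


if __name__ == "__main__":
    for action in get_all_actions_with_access_level("Permissions management"):
        print(action)
```

Because the aggregated layer holds no data of its own, input validation lives once in the granular layers and applies to every aggregated query built on them.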

IAM Action Query Module

Provides a comprehensive interface for querying and filtering AWS IAM actions. This includes retrieving actions based on access level, ARN type, and condition keys, as well as accessing associated API documentation links. It handles detailed, action-specific data retrieval.

Related Classes/Methods:

IAM ARN Query Module

Focuses on querying and retrieving raw ARN data, specifically for different AWS services, enabling the identification of resource types.

Related Classes/Methods:

IAM Condition Key Query Module

Manages the querying and retrieval of AWS IAM condition keys, which are essential for constructing fine-grained access control policies.

Related Classes/Methods:

IAM Service Query Module

Handles the querying and retrieval of general AWS service-related information, such as service prefixes and names.

Related Classes/Methods:

IAM Aggregated Query Module

Offers high-level, aggregated query capabilities. It provides comprehensive lists of all actions or service prefixes by combining and orchestrating data retrieval from the more granular querying modules (e.g., actions, services).

Related Classes/Methods: