Question 1

How does IAMbic compare to Terraform for managing IAM?

Accepted Answer

IAMbic complements Terraform by focusing on IAM-specific features like multi-account consolidation, temporary access, and Git-based auditing, while Terraform is broader for infrastructure. IAMbic offers native drift prevention and dynamic permissions that Terraform lacks, but it's not a replacement for general IaC.

Question 2

How to set up IAMbic for AWS multi-account roles?

Accepted Answer

Start by installing prerequisites and configuring IAMbic with AWS accounts, then use YAML templates to define roles with included/excluded accounts for dynamic permissions. The quick-start guide provides step-by-step instructions and examples for roles like the Cloudwatch role across dev, staging, and prod accounts.

Question 3

Does IAMbic work with Azure Active Directory?

Accepted Answer

Yes, IAMbic supports Azure AD for managing users and groups, including temporary access assignments. The README includes YAML examples for Azure AD users and groups, and there's a dedicated getting-started guide for Azure AD integration.

Question 4

Can IAMbic manage temporary access in Okta?

Accepted Answer

Absolutely, IAMbic allows declarative expiration dates for Okta application and group assignments, as shown in examples where users have expires_at fields. This automates cleanup and enhances security for temporary access scenarios.

Question 5

What are IAMbic templates and how do they work?

Accepted Answer

IAMbic templates are human-readable YAML files that represent IAM resources, enabling bi-directional sync between Git and cloud providers. They support variables and conditions for dynamic configurations, such as varying permissions per AWS account, and are central to IAMbic's version control approach.

Question 6

How does IAMbic handle drift detection and prevention?

Accepted Answer

IAMbic monitors managed IAM resources and automatically reverts out-of-band changes to prevent drift, ensuring the Git repository remains the single source of truth. This is a key feature highlighted in the drift prevention section, with options for enforced management.

IAMbic

What is IAMbic?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions