Our great sponsors
-
iamlive
Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy
-
aws-leastprivilege
Generates an IAM policy for the CloudFormation service role that adheres to least privilege.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
Also check out https://github.com/iann0036/iamlive. If you can carry out your actions with the CLI first, it will give you a good starting point. Otherwise IAM AA (as mentioned in another comment) is designed to help you, but coverage depends on service (it's gotten a lot better) and you'll need to have your project running for a bit to generate data.
From a template, this is the closest I've gotten: https://github.com/iann0036/aws-leastprivilege , and also check out iamlive (thanks /u/rowanu!) if you can insert the recorder between the application and the AWS endpoints.