Permify/targePublic

NotificationsYou must be signed in to change notification settings
Fork4
Star29

Open-source CLI for managing IAM (Identity and Access Management) operations with AI assistance.

License

Apache-2.0 license

29 stars 4 forks Branches Tags Activity

Star

Notifications

You must be signed in to change notification settings

Branches Tags

Folders and files

Name		Name	Last commit message	Last commit date
Latest commit History 105 Commits
.github		.github
assets		assets
cmd/targe		cmd/targe
internal		internal
pkg		pkg
requirements		requirements
.gitignore		.gitignore
.goreleaser.yml		.goreleaser.yml
CODE_OF_CONDUCT.md		CODE_OF_CONDUCT.md
CONTRIBUTING.md		CONTRIBUTING.md
LICENSE		LICENSE
Makefile		Makefile
README.md		README.md
SECURITY.md		SECURITY.md
go.mod		go.mod
go.sum		go.sum

Repository files navigation

Targe - Open Source IAM Copilot

Targe is an open-source CLI for managing IAM (Identity and Access Management) operations with AI assistance.

DevOps engineers use Targe to configure how employees in their organization access infrastructure resources. Targe simplifies and accelerates granting and revoking access, while supporting custom policy creation — eliminating the need for tedious back-and-forth UI work.

How it Works?

Configure your cloud credentials to enable Targe to access resources in your infrastructure. Currently, Targe supports only AWS.
Start an access flow or use AI to create an access command to fulfill an access request.
Preview the access action and complete the access request.

Create an Access Command with AI

Describe the access action you want to perform. For example, "give S3 read-only access to user Omer."

Targe analyzes the request and generates the necessary access command using AI.

Start an Access Flow Manually

You can also manually start any flow to complete an access action.

There are three main flows:

~ % targe aws users | Grant or revoke access to/from a user.
~ % targe aws groups | Attach or detach a policy to/from a group.
~ % targe aws roles | Attach or detach a policy to/from a role.

Let's repeat the example above of granting s3 read-only access to user Omer.

We will use following command to startuser flow:~ % targe aws users.

The user access flow begins by listing the users in the system. Select the user to take action on.

After selecting the user, choose the operation to perform. Let’s attach a policy to user Omer.

In the next step, select the policy you want to attach. You can use "filters" in each section to search what you need.

Finally, preview the access action.

Installation Steps

Install Targe CLI:

brew tap permify/tap-targebrew install targe

Set Up AWS Credentials:
Targe requires AWS credentials to be configured in the file~/.aws/credentials. Follow these steps:
- Create or open the~/.aws/credentials file using a text editor:
```
nano~/.aws/credentials
```
- Add your AWS credentials in the following format:
```
[default]aws_access_key_id = your_access_keyaws_secret_access_key = your_secret_key
```
- Save the file and exit (in nano, pressCTRL + O to save, thenCTRL + X to exit).
Verify the Configuration:
Run the following command to confirm the credentials are set correctly:
```
aws sts get-caller-identity
```
This should return information about your AWS account. If it fails, double-check the credentials file for accuracy.
Configure OpenAI API Key
Run the following command to configure your OpenAI API Key:
```
targe configset openai_api_key [your_api_key]
```
Set the Default Region (Optional):
If your tool requires a specific AWS region, you can set it in the~/.aws/config file:
```
nano~/.aws/config
```
Add:
```
[default]region = us-east-1
```
Replaceus-east-1 with your desired region.