...

  • AWS Policy Generator – The AWS Policy Generator is a tool that enables you to create policies that control access to Amazon Web Services (AWS) products and resources.
  • salesforce/policy_sentry – IAM Least Privilege Policy Generator
  • duo-labs/cloudtracker – CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
  • goldfiglabs/rpCheckup – rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources
  • iann0036/iamlive – Generate an IAM policy from AWS calls using client-side monitoring (CSM) or embedded proxy
  • Netflix/repokid – Repokid removes permissions granting access to unused services from the inline policies of IAM roles in an AWS account
  • aminohealth/wonk – Tool that analyzes IAM policies and minimizes them to fit under IAM policy length limits
  • aws.permissions.cloud – uses a variety of information gathered within the IAM Dataset and exposes that information in a clean, easy-to-read format
  • ermetic/access-undenied-aws – parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps
  • https://aws.permissions.cloud/ – comprehensive list of IAM actions, permissions, and API methods
  • BishopFox/iam-vulnerable – Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
  • PaloAltoNetworks/IAM-Deescalate – Helps mitigate privilege escalation risk in AWS identity and access management
  • duo-labs/parliament – AWS IAM linting library to find malformed json, incorrect prefix and action names, incorrect resources or conditions for the actions provided, etc.
  • flosell/iam-policy-json-to-terraform – Tool to convert an IAM Policy in JSON format into a Terraform aws_iam_policy_document

...

  • cfripper – Library and CLI tool for analyzing CloudFormation templates and checking them for security compliance
  • stelligent/cfn_nag – The cfn-nag tool looks for patterns in CloudFormation templates that may indicate insecure infrastructure.
  • bridgecrewio/checkov – Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Keys and Secrets

  • awslabs/git-secrets – Prevents you from committing secrets and credentials into git repositories
  • exec-with-secrets – Handle secrets in Docker using AWS KMS, SSM parameter store, Secrets Manager, or Azure Key Vault
  • dxa4481/truffleHog – Searches through git repositories for high entropy strings and secrets, digging deep into commit history
  • zricethezav/gitleaks – Scan git repos (or files) for secrets using regex and entropy

...

Log Querying

Monitoring

...

  • AWS Security Workshops – A collection of the latest AWS Security workshops from AWS
  • Serverless Security Workshop – In this workshop, you will learn techniques to secure a serverless application built with AWS Lambda, Amazon API Gateway and RDS Aurora. From AWS
  • flAWS 2 Challenge – Teaches you AWS (Amazon Web Services) security concepts. The challenges are focused on AWS-specific issues, so no buffer overflows, XSS, etc. You can take the attacker or the defender side of the challenges.
  • CI/CDon't – An active learning exercise where you play the bad guy and your goal is to gain access to administrative credentials for an AWS account.
  • https://github.com/avishayil/cdk-goat – Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure
  • https://github.com/BishopFox/cloudfoxable – Create your own vulnerable by design AWS penetration testing playground

Other Compilations of Security Resources