...

IAM/Resources Policy

  • AWS Policy Generator – The AWS Policy Generator is a tool that enables you to create policies that control access to Amazon Web Services (AWS) products and resources.
  • salesforce/policy_sentry – IAM Least Privilege Policy Generator
  • duo-labs/cloudtracker – CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
  • goldfiglabs/rpCheckup – rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources
  • iann0036/iamlive – Generate an IAM policy from AWS calls using client-side monitoring (CSM) or embedded proxy
  • Netflix/repokid – Repokid removes permissions granting access to unused services from the inline policies of IAM roles in an AWS account
  • aminohealth/wonk – tool that analyzes IAM policies and minimizes them to fit under IAM policy length limits
  • aws.permissions.cloud – uses a variety of information gathered within the IAM Dataset and exposes that information in a clean, easy-to-read format
  • ermetic/access-undenied-aws – parses AWS AccessDenied CloudTrail events, explains the reasons for them, and offers actionable remediation steps
  • https://aws.permissions.cloud/ – comprehensive list of IAM actions, permissions, and API methods
  • BishopFox/iam-vulnerable – Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
  • PaloAltoNetworks/IAM-Deescalate – Helps mitigate privilege escalation risk in AWS identity and access management
  • duo-labs/parliament – AWS IAM linting library to find malformed JSON, incorrect prefix and action names, incorrect resources or conditions for the actions provided, etc.

...