En utilisant AWS re:Post, vous acceptez les AWS re:Post Conditions d’utilisation
AWS re:Postre:Post

IAM roles rightsizing

0

How should one be rightsizing IAM roles? Is there a tool i could use?

Sujets
Sécurité, identité et conformité
Balises
Sécurité, identité et conformité
Langue
English
rePost-User-9123442
demandé il y a 2 ans249 vues
2 réponses
0
Réponse acceptée

Hi, please take a look at IAM access analyser. It provides the following capabilities:

  • helps identify resources in your organization and accounts that are shared with an external entity. This lets you identify unintended access to your resources and data.
  • validates IAM policies against policy grammar and best practices.
  • generates IAM policies based on access activity in your AWS CloudTrail logs. You can use the generated policy to refine an entity's permissions by attaching it to an IAM user or role. In addition, this blog talks through a solution that provides continuous profiling of IAM usage with automated adjustments of permissions using AWS Config and CloudKnox.
AWS
Kash
répondu il y a 2 ans
0

Hi,

if by rightsizing, you mean a way to analyze and optimize IAM policies, you can look at IAM Access Analyzer ... https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html

It generates findings based on best practices and CloudTrail logs, which lets you know if your policies are permissive, and enables you to fine-tune them.

AWS
Tushar A
répondu il y a 2 ans

Vous n'êtes pas connecté. Se connecter pour publier une réponse.

Une bonne réponse répond clairement à la question, contient des commentaires constructifs et encourage le développement professionnel de la personne qui pose la question.

Instructions pour répondre aux questions

Contenus pertinents