IAM roles rightsizing


How should one be rightsizing IAM roles? Is there a tool I could use?

Asked 2 years ago, 258 views
2 Answers
Accepted Answer

Hi, please take a look at IAM Access Analyzer. It provides the following capabilities:

  • helps identify resources in your organization and accounts that are shared with an external entity. This lets you identify unintended access to your resources and data.
  • validates IAM policies against policy grammar and best practices.
  • generates IAM policies based on access activity in your AWS CloudTrail logs. You can use the generated policy to refine an entity's permissions by attaching it to an IAM user or role.

In addition, this blog talks through a solution that provides continuous profiling of IAM usage with automated adjustments of permissions using AWS Config and CloudKnox.

Answered 2 years ago


If by rightsizing, you mean a way to analyze and optimize IAM policies, you can look at IAM Access Analyzer ... https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html

It generates findings based on best practices and CloudTrail logs, which lets you know if your policies are permissive, and enables you to fine-tune them.

Answered 2 years ago
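Both answers point to generating a policy from CloudTrail access activity. The sketch below is an added example, not part of either answer and not how IAM Access Analyzer is implemented: it shows the underlying idea offline on constructed CloudTrail records, assuming a simplified mapping where the IAM action is `<service prefix of eventSource>:<eventName>`. The ARNs, the attached policy and the function names are hypothetical.

```python
import fnmatch

ROLE = "arn:aws:iam::111122223333:role/app-role"     # constructed ARN
OTHER = "arn:aws:iam::111122223333:role/other-role"  # constructed ARN

def record(source, name, role=ROLE, error=None):
    """Build a constructed CloudTrail record holding only the fields used here."""
    rec = {"eventSource": source, "eventName": name,
           "userIdentity": {"type": "AssumedRole",
                            "sessionContext": {"sessionIssuer": {"arn": role}}}}
    if error:
        rec["errorCode"] = error
    return rec

EVENTS = [  # constructed sample activity
    record("s3.amazonaws.com", "GetObject"),
    record("s3.amazonaws.com", "GetObject"),
    record("dynamodb.amazonaws.com", "Query"),
    record("sqs.amazonaws.com", "SendMessage", role=OTHER),           # different role
    record("s3.amazonaws.com", "DeleteObject", error="AccessDenied"),  # failed call
]

# Constructed Allow actions currently attached to the role (deliberately broad).
ATTACHED = ["s3:*", "dynamodb:*", "sqs:SendMessage", "kms:Decrypt"]

def observed_actions(events, role_arn):
    """Actions the role called without error (simplified event-to-action mapping)."""
    actions = set()
    for ev in events:
        issuer = (ev.get("userIdentity", {}).get("sessionContext", {})
                    .get("sessionIssuer", {}))
        if issuer.get("arn") != role_arn or ev.get("errorCode"):
            continue  # skip other principals and calls that failed
        service = ev["eventSource"].split(".")[0]
        actions.add(f"{service}:{ev['eventName']}")
    return sorted(actions)

def rightsize(attached, used):
    """Return (proposed policy, attached patterns that no observed call needed)."""
    unused = [p for p in attached
              if not any(fnmatch.fnmatchcase(a.lower(), p.lower()) for a in used)]
    # Resource stays "*" here; narrowing resources is a separate step.
    policy = {"Version": "2012-10-17",
              "Statement": [{"Effect": "Allow", "Action": used, "Resource": "*"}]}
    return policy, unused

if __name__ == "__main__":
    used = observed_actions(EVENTS, ROLE)
    print(rightsize(ATTACHED, used))
```

A short observation window under-reports rarely used actions, so grants listed as unused are candidates for review rather than automatic removal.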
