Is there and open source security platform(CIEM/CSPM) which implements or calculates AWS's effective permissions for stating out the permission boundaries of iam identities?


Hi. I wanted to know if there was any opensource security platform which uses the AWS permissions boundary to evaluate the effective permission for a particular identity? Can someone point me out to some documentation for github for such products. Thanks

1 Answer

To grant only the permissions required to perform a task, you can generate policies based on your access activity that is logged in AWS CloudTrail. For that you can use IAM Access Analyzer to analyze the services and actions that your IAM roles use, and then generates a fine-grained policy that you can use. After you test each generated policy, you can deploy the policy to your production environment. This ensures that you grant only the required permissions to your workloads.

More information here

I hope this helps!

answered 25 days ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions