AirIAM
aws-security-workshops
AirIAM | aws-security-workshops | |
---|---|---|
3 | 7 | |
752 | 426 | |
0.3% | 0.0% | |
0.0 | 0.0 | |
about 2 months ago | over 1 year ago | |
Python | Jupyter Notebook | |
Apache License 2.0 | MIT No Attribution |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
AirIAM
-
AWS Networking Concepts in a Diagram
ugh access + least privilege on AWS + GCP is really hard
not made easier by the fact that debugging service accounts can sometimes require rebooting boxes or clusters
'cloud traceroute' to discover where exactly the problem is would be amazing
(in fairness there are 'least privilege' tools I haven't tried -- listed below and I recall reading about others)
1. iam access analyzer https://aws.amazon.com/blogs/security/iam-access-analyzer-ma...
2. airiam https://github.com/bridgecrewio/AirIAM
3. policy simulator https://cloud.google.com/policy-intelligence/docs/iam-simula...
- AirIAM
-
My first Hacktoberfest !!✨
View on GitHub
aws-security-workshops
- Beginners: How to get the AWS Solutions Architect Associate certification
-
The Testing->Learning REPL and AWS Exams
AWS Security Workshops Guided security labs.
-
Hands on training / exercises for AWS security?
I think you’re referring to Workshops like https://awssecworkshops.com
-
Useful AWS Training Resources
AWS workshops is the main site with 100's of workshops you can follow in areas ranging from astronomy to zero-trust. AWSworkshop.io is focused on modernization workshops and currently has just over 50 labs to follow. AWS Security Workshops as the name indicates is focused purely on security related labs and workshops. AWS Well-Architected Labs has labs in the 5 pillars, hopefully sustainability will be added next year. The goal for these labs is to improve your posture in each area and become "well architected". Control Tower Tools for those of you wanting to gain more insight to AWS Control Tower this is the place to be. It's based on the immersion day but has so much more including integration with ITSM tools and customizations.
-
Practice AWS Hands-on Labs
Here is my 2 cent: - AWS Well-Architected Labs - AWS Workshops - AWS Security Workshops - AWS Modernization Workshops - Awesome AWS Workshops
-
Cloud CTE
AWS has created some simple walkthrough workshops for this exact use case. Take a look at https://awssecworkshops.com/
-
Hosting Your Own Gameday
If you wan to avoid doing that, I'm not aware of any open source challenges but the workshops are a good start https://github.com/aws-samples/aws-security-workshops
What are some alternatives?
PMapper - A tool for quickly evaluating IAM permissions in AWS.
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
consoleme - A Central Control Plane for AWS Permissions and Access
cleverhans - An adversarial example library for constructing attacks, building defenses, and benchmarking both
cloudsplaining - Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
fbctf - Platform to host Capture the Flag competitions
learn - Sourcegraph Learn: an educational hub to support all developers
ASM-Guard - Packer utility for compressing and complicating reversing compiled native code (native files), protecting resources, adding DRM, and packing into an optimized loader.
tfwrapper - Claranet France Terraform & OpenTofu Wrapper
cloudbowl-microservice-game
black - The uncompromising Python code formatter [Moved to: https://github.com/psf/black]
whywetech - whywe.tech