iamzero
aws-sso-cli
iamzero | aws-sso-cli | |
---|---|---|
4 | 3 | |
236 | 394 | |
0.0% | - | |
0.0 | 8.9 | |
about 1 year ago | 13 days ago | |
Go | Go | |
Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
iamzero
- Is there a way to test policies without the AWS policy simulator? maybe an API or library?
-
AWS IAM Recorder
You probably want https://github.com/iann0036/iamlive or https://iamzero.dev/
-
IAM Zero: I built a tool which automatically suggests least-privilege IAM policies for AWS CDK infrastructure
A few months ago I made some posts about tooling I built called IAM Zero to make least-privilege IAM policy generation easier [1] [2]. Since then, I have found a co-founder and we have been working full-time on making least-privilege policies easier with our open source tools.
-
IAM Zero: I released a tool which automatically suggests least-privilege IAM policies
The initial release has automatic least-privilege advisories for S3 and DynamoDB, and will be scaled out to support all AWS services prior to a stable release. IAM Zero currently supports applications and scripts written in Python with support for other languages coming soon. Support for generating infrastructure-as-code deployment roles and requesting roles through the AWS web console are on the roadmap.
aws-sso-cli
What are some alternatives?
stratus-red-team - :cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. [Moved to: https://github.com/tenable/terrascan]
iamlive - Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy
kube-secrets-init - Kubernetes mutating webhook for `secrets-init` injection
SkyArk - SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
terrascan - Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
parliament - AWS IAM linting library
idp-scim-sync - Keep your AWS Single Sign-On (SSO) groups and users in sync with your Google Workspace directory
oras-credentials-go - Provide credentials for oras-go
granted - The easiest way to access your cloud.
cleanup-aws-access-keys - A cloud security tool to search and clean up unused AWS access keys, written in Go.