Hi HN!
Principal Mapper is a tool + library for analyzing and securing your AWS IAM configuration. It generates a model of your account and/or organization and uses it to give you a better idea of the effective permissions of your IAM Users and Roles. It has privilege escalation detection built-in and is hopefully written in a way that will let you extend it for your use-cases.
This v1.1.0 update covers more types of policies (resource policies, permission boundaries, session policies, SCPs), supports AWS Organizations, enables cross-account checks, and more!
https://github.com/nccgroup/PMapper
Happy to answer any questions you have here!