cartography
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database. (by lyft)
The first step in threat modelling is to build an architecture diagram of the system you are protecting. This also involves building a list of the assets in the system: you cannot protect something you have no visibility over. We can use tools such as CloudMapper from the previous step to build an architecture diagram of an AWS cloud environment. Similar tools for threat modelling, like Cartography, exist for other cloud service providers.
You can use tools like policy_sentry to create least privilege IAM policies.
Connectivity to your cloud resources should be secure and private. There are multiple ways to achieve this: a VPN setup to a bastion/jump box, or a central authentication system built on something like Keycloak or Teleport. You can integrate these systems with federated authentication mechanisms similar to Okta or any other SSO implementation. Another option is AWS SSM, which takes away the overhead of managing your own central authentication system.