aws-allowlister

Policy generator

Automatically generates AWS Service Control Policies based on compliance frameworks and custom service inclusions/exclusions

Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.

GitHub
224 stars
11 watching
34 forks
Language: Python
last commit: over 1 year ago
Linked from 2 awesome lists

awscloudcloud-securitycomplianceiamsalesforcesecurity

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
salesforce/policy_sentry Automates the creation of least-privilege IAM policies for AWS services 2,028
salesforce/cloudsplaining A tool that scans AWS IAM policies to identify security vulnerabilities and generates a report with recommendations for remediation 2,009
salesforce/terraform-provider-policyguru Generates and manages least privilege IAM policies using an external audit service 29
cloudtools/awacs A Python library to create and manage AWS Access Policy Language JSON 395
salesforce/metabadger Automates upgrades to secure AWS Instance Metadata Service v2 to prevent SSRF attacks on EC2 instances 141
open-sl/serverless-permission-generator An application that generates AWS IAM permissions required for deploying Serverless Framework stacks 47
welldone-cloud/aws-lint-iam-policies Tools to analyze and report on AWS IAM policies for security best practices 119
awslabs/aws-config-rules Repository of custom Config rules for AWS resources to enforce compliance and security standards 1,621
awslabs/terraform-iam-policy-validator A tool to validate Terraform IAM policies against AWS best practices and security standards. 299
aws-cloudformation/cloudformation-guard An evaluation tool for policy-as-code in infrastructure configuration files 1,309
aws-solutions/aws-waf-security-automations Automates deployment of AWS WAF security rules to protect against common web-based attacks 863
udondan/iam-floyd A tool for generating AWS IAM policy statements with a fluent interface. 550
awslabs/cwe-monitor-secgrp A CloudWatch Events rule Lambda function that checks security group permissions against a pre-configured policy and logs non-compliant changes. 25
awslabs/aws-iam-generator Automates AWS IAM user and group creation based on configuration files. 241
netflix-skunkworks/policyuniverse A Python package for parsing and processing AWS IAM policies and statements. 427