cloudsplaining
Policy auditor
A tool that scans AWS IAM policies to identify security vulnerabilities and generates a report with recommendations for remediation
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
2k stars
32 watching
187 forks
Language: JavaScript
last commit: 7 days ago
Linked from 2 awesome lists
aws, aws-iam, aws-security, cloud, cloud-security, hacktoberfest, iam, salesforce, security
Related projects:
Repository | Description | Stars |
---|---|---|
welldone-cloud/aws-lint-iam-policies | A tool that analyzes AWS IAM policies to detect security vulnerabilities and best practice violations. | 111 |
salesforce/terraform-provider-policyguru | Generates and manages least privilege IAM policies using an external audit service | 30 |
salesforce/aws-allowlister | Automatically generates AWS Service Control Policies based on compliance frameworks and custom service inclusions/exclusions | 224 |
salesforce/policy_sentry | Automates the creation of least-privilege IAM policies for AWS services | 2,019 |
bridgecrewio/airiam | Automates least privilege AWS IAM configuration management by detecting and replacing unnecessary resources with Terraform models | 776 |
aquasecurity/cloudsploit | A tool designed to detect security risks in cloud infrastructure accounts | 3,355 |
rhinosecuritylabs/aws-iam-privilege-escalation | A collection of research and documentation on methods for exploiting weaknesses in AWS IAM to gain unauthorized access | 897 |
awslabs/terraform-iam-policy-validator | A tool to validate Terraform IAM policies against AWS best practices and security standards. | 298 |
prevade/cloudjack | Checks AWS accounts for subdomain hijacking vulnerabilities | 84 |
cloudtools/awacs | A Python library to create and manage AWS Access Policy Language JSON | 395 |
xen0l/iam-lint | Automates linting of AWS IAM policy documents to ensure security and compliance | 36 |
aws-cloudformation/cloudformation-guard | An evaluation tool for JSON- and YAML-formatted data against pre-defined policies written in a domain-specific language. | 1,294 |
bishopfox/iam-vulnerable | A tool to create a vulnerable AWS IAM configuration playground | 479 |
bishopfox/smogcloud | Automatically identifies and monitors cloud assets exposed to the internet without authorization | 332 |
awslabs/aws-iam-generator | Automates AWS IAM user and group creation based on configuration files. | 240 |