cloudsplaining
Policy auditor
A tool that scans AWS IAM policies to identify security vulnerabilities and generates a report with recommendations for remediation
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
2k stars
32 watching
188 forks
Language: JavaScript
last commit: 3 months ago
Linked from 2 awesome lists
awsaws-iamaws-securitycloudcloud-securityhacktoberfestiamsalesforcesecurity
4ndersonlin/awesome-cloud-security
funkmyster/awesome-cloud-securityRelated projects:
| Repository | Description | Stars |
|---|---|---|
 welldone-cloud/aws-lint-iam-policies | Tools to analyze and report on AWS IAM policies for security best practices | 119 |
| salesforce/terraform-provider-policyguru | Generates and manages least privilege IAM policies using an external audit service | 29 |
| salesforce/aws-allowlister | Automatically generates AWS Service Control Policies based on compliance frameworks and custom service inclusions/exclusions | 224 |
| salesforce/policy_sentry | Automates the creation of least-privilege IAM policies for AWS services | 2,028 |
 bridgecrewio/airiam | Automates removal of unnecessary AWS IAM resources and generates least privilege Terraform configurations. | 778 |
 aquasecurity/cloudsploit | A tool designed to detect security risks in cloud infrastructure accounts | 3,372 |
 rhinosecuritylabs/aws-iam-privilege-escalation | A collection of research and documentation on methods for exploiting weaknesses in AWS IAM to gain unauthorized access | 901 |
 awslabs/terraform-iam-policy-validator | A tool to validate Terraform IAM policies against AWS best practices and security standards. | 299 |
 prevade/cloudjack | Checks AWS accounts for subdomain hijacking vulnerabilities | 84 |
 cloudtools/awacs | A Python library to create and manage AWS Access Policy Language JSON | 395 |
 xen0l/iam-lint | Automates linting of AWS IAM policy documents to ensure security and compliance | 36 |
 aws-cloudformation/cloudformation-guard | An evaluation tool for policy-as-code in infrastructure configuration files | 1,309 |
 bishopfox/iam-vulnerable | A tool to create a vulnerable AWS IAM configuration playground | 482 |
| bishopfox/smogcloud | Automatically identifies and monitors cloud assets exposed to the internet without authorization | 332 |
| awslabs/aws-iam-generator | Automates AWS IAM user and group creation based on configuration files. | 241 |