
IAM

Guides

• AWS managed policies
    A managed-policy reference guide covering more than 1,000 AWS managed policies
• Permissions Reference for AWS IAM
    A community-driven alternative source of truth for AWS IAM permissions
• Effective IAM for AWS: A guide to realize IAM best practices
    How to secure AWS with a usable IAM architecture, policies, and automation that scales security best practices to all developers
• How to revoke federated users' active AWS sessions
    How to revoke specific users' sessions on assumed AWS roles using IAM policies and SCPs
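The revocation mechanism the post above describes, as an added example that is not the post's own code. It assumes the documented IAM condition keys aws:TokenIssueTime (when the session's credentials were issued) and aws:userid (for an assumed role, "<role-id>:<role-session-name>"), plus a constructed session name (alice@example.com), role ID and timestamps. The policy denies everything to that user's sessions issued before a cutoff; a role re-assumed after the cutoff gets a fresh issue time and is allowed again, so disable the user at the IdP first and use this to kill sessions that are already live. The evaluator is a minimal stand-in for IAM's condition logic, not the real engine.

```python
"""Deny policy that revokes a federated user's existing role sessions.

Added example, not the linked post's code. It uses the documented IAM
condition keys aws:TokenIssueTime (when the session's credentials were
issued) and aws:userid (for an assumed role: "<role-id>:<role-session-name>").
The session name, role ID and timestamps are constructed for the example.
"""
import fnmatch
from datetime import datetime, timezone

TIME_FMT = "%Y-%m-%dT%H:%M:%SZ"  # the timestamp form IAM date conditions accept


def _parse_time(ts):
    return datetime.strptime(ts, TIME_FMT).replace(tzinfo=timezone.utc)


def build_revocation_policy(session_name, cutoff):
    """Policy denying all actions to role sessions named session_name whose
    credentials were issued before cutoff (an ISO-8601 UTC timestamp).

    Attach it to the role as an inline policy, or put the same statement in
    an SCP to cover every role in the organization.
    """
    _parse_time(cutoff)  # fail early on a malformed timestamp
    return {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Sid": "RevokeOlderSessions",
                "Effect": "Deny",
                "Action": "*",
                "Resource": "*",
                "Condition": {
                    # aws:userid is "<role-id>:<session-name>"; match the name only
                    "StringLike": {"aws:userid": "*:" + session_name},
                    "DateLessThan": {"aws:TokenIssueTime": cutoff},
                },
            }
        ],
    }


def is_revoked(policy, userid, token_issue_time):
    """Minimal stand-in for IAM evaluation of the statement above: every
    operator in one Condition block must match for the Deny to apply.
    """
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Deny":
            continue
        cond = stmt["Condition"]
        name_matches = fnmatch.fnmatchcase(userid, cond["StringLike"]["aws:userid"])
        issued_before = _parse_time(token_issue_time) < _parse_time(
            cond["DateLessThan"]["aws:TokenIssueTime"])
        if name_matches and issued_before:
            return True
    return False


# Constructed scenario: alice's SSO session is compromised at 23:47Z.
CUTOFF = "2024-05-07T23:47:00Z"
POLICY = build_revocation_policy("alice@example.com", CUTOFF)

if __name__ == "__main__":
    import json
    print(json.dumps(POLICY, indent=2))
    # Old session: denied. Fresh re-assumption after the cutoff: allowed.
    print(is_revoked(POLICY, "AROAEXAMPLEROLEID:alice@example.com", "2024-05-07T20:00:00Z"))
    print(is_revoked(POLICY, "AROAEXAMPLEROLEID:alice@example.com", "2024-05-08T00:05:00Z"))
```

Because the Deny is scoped by session name and issue time rather than being a blanket Deny on the role, other users of the same role keep working and the statement can be left in place without breaking later legitimate sessions.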

Designing

• Managing temporary elevated access to your AWS environment
    Post discussing temporary elevated access and how it can mitigate risks relating to human access to your AWS environment
• sensitive_iam_actions
    Crowdsourced list of sensitive IAM actions

Root Principal

• Summit Route: Managing AWS root passwords and MFA
    How to avoid using the root user, and how to manage its credentials (password and MFA) effectively
• Security Implication of Root principal in AWS
    An interesting way of abusing AWS KMS for data exfiltration from restricted VPCs

Audit

• Summit Route: How to audit AWS IAM and resource policies
    Some general rules:
        • Beware that anything with Allow and Principal "*" is public (a Condition can narrow it, but review the condition before trusting it)
        • Never use Allow with NotPrincipal
        • Never use Allow with NotAction
• Top ten AWS identity health checks to improve security in the cloud
    Ten recommended AWS identity health checks that help you understand your IAM health, prioritize improvements to your IAM implementation, and operationalize effective access management processes
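The three audit rules above turned into a checker, as an added example that is neither Summit Route's code nor the linked post's. It walks the Statement array of a policy document, skips Deny statements (Deny with Principal "*" is the normal way to write a guardrail), and reports Allow statements that use Principal "*" (or its equivalent {"AWS": "*"}), NotPrincipal or NotAction. A wildcard principal with a Condition is reported separately rather than ignored, because whether the condition actually limits access (for example aws:PrincipalOrgID) has to be judged by a person. The sample bucket policy, account ID and organization ID are constructed.

```python
"""Audit an IAM or resource policy document for the three rules above.

Added example (not Summit Route's code or the linked post's). It flags
Allow statements that use Principal "*" (public unless a Condition narrows
it), NotPrincipal, or NotAction. The sample bucket policy is constructed.
"""


def _as_list(value):
    """Most policy fields accept either a single string or a list."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def _is_wildcard_principal(principal):
    """True for Principal "*" or {"AWS": "*"}, which IAM treats as equivalent."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        return "*" in _as_list(principal.get("AWS"))
    return False


def audit_policy(policy):
    """Return [(sid, finding), ...] for every risky Allow statement.

    Deny statements are skipped: Deny with Principal "*", NotPrincipal or
    NotAction is how guardrails are normally written.
    """
    findings = []
    for idx, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "Statement[%d]" % idx)
        if _is_wildcard_principal(stmt.get("Principal")):
            if stmt.get("Condition"):
                findings.append((sid, "Allow with Principal * and a Condition: "
                                      "confirm the condition really limits who can use it"))
            else:
                findings.append((sid, "PUBLIC: Allow with Principal * and no Condition"))
        if "NotPrincipal" in stmt:
            findings.append((sid, "Allow with NotPrincipal"))
        if "NotAction" in stmt:
            findings.append((sid, "Allow with NotAction"))
    return findings


# Constructed sample: an S3 bucket policy mixing good and bad statements.
SAMPLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {   # rule 1: world-readable objects
            "Sid": "PublicRead",
            "Effect": "Allow",
            "Principal": "*",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::example-bucket/*",
        },
        {   # wildcard principal narrowed by a condition: needs human review
            "Sid": "OrgOnlyList",
            "Effect": "Allow",
            "Principal": {"AWS": "*"},
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::example-bucket",
            "Condition": {"StringEquals": {"aws:PrincipalOrgID": "o-exampleorgid"}},
        },
        {   # rule 2: "everyone except X" is an Allow to the whole world
            "Sid": "EveryoneButAuditor",
            "Effect": "Allow",
            "NotPrincipal": {"AWS": "arn:aws:iam::123456789012:role/Auditor"},
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::example-bucket/*",
        },
        {   # rule 3: "everything except delete" silently grows with new API actions
            "Sid": "NoDeleteForDeployer",
            "Effect": "Allow",
            "Principal": {"AWS": "arn:aws:iam::123456789012:role/Deployer"},
            "NotAction": "s3:DeleteObject",
            "Resource": "arn:aws:s3:::example-bucket/*",
        },
        {   # a Deny guardrail: wildcard principal is fine here
            "Sid": "DenyInsecureTransport",
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": "arn:aws:s3:::example-bucket/*",
            "Condition": {"Bool": {"aws:SecureTransport": "false"}},
        },
    ],
}


if __name__ == "__main__":
    for sid, finding in audit_policy(SAMPLE_POLICY):
        print("%-22s %s" % (sid, finding))
```

Run it over `aws iam get-policy-version` output or `aws s3api get-bucket-policy` output (the latter returns the document as a JSON string that must be parsed first); a single Statement object, which IAM accepts in place of an array, is handled by `_as_list`.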

Federation

GSuite

• How to use Google Workspace as an external identity provider for AWS IAM Identity Center
    How to set up Google Workspace as an external identity provider (IdP) for AWS IAM Identity Center