IAM
Guides¶
| Link | Notes |
|---|---|
| Permissions Reference for AWS IAM | A website built in order to provide an alternate, community-driven source of truth for AWS identity |
| Effective IAM for AWS: A guide to realize IAM best practices | Learn how to secure AWS with usable IAM architecture, policies, and automation that scales security best practices efficiently to all developers |
| How to revoke federated users’ active AWS sessions | How to revoke access to specific users’ sessions on AWS assumed roles through the use of AWS IAM policies and SCPs |
Designing¶
| Link | Notes |
|---|---|
| Designing Least Privilege AWS IAM Policies for People | Got engineers with AdministratorAccess? Here's how to deploy reduced privilege IAM roles for people without breaking their workflows |
| Managing temporary elevated access to your AWS environment | Post discussing temporary elevated access and how it can mitigate risks relating to human access to your AWS environment |
Root Principal¶
| Link | Notes |
|---|---|
| Summit Route Managing AWS root passwords and MFA | How not use the root user account, and how to manage the credentials (password and MFA) for the root user effectively |
| Security Implication of Root principal in AWS | An interesting way of abusing the AWS KMS for data exfiltration in restricted VPCs |
Audit¶
| Link | Notes |
|---|---|
| Summit Route How to audit AWS IAM and resource policies |
|
| Top ten AWS identity health checks to improve security in the cloud | Ten recommended AWS identity health checks which can help you understand your IAM health, prioritize improvements to your IAM implementation, and operationalize effective access management processes |