HackerTrans
TopNewTrendsCommentsPastAskShowJobs

talauslander

no profile record

comments

talauslander
·قبل 4 سنوات·discuss
That's definitely something we are addressing! Would you like to sign up for the beta? Will love getting your feedback and helping you remediate this pain
talauslander
·قبل 4 سنوات·discuss
Thanks!

Didn't know about Pike :) Looks interesting, though it is based on a static analysis approach which has its downsides since it might not look the same as the actual activity.

AirIAM was an inspiration for us - it is generally good to group users together and for finding unused policies. We focus on generating an exact policy per identity.
talauslander
·قبل 4 سنوات·discuss
We definitely love iamlive! Iamlive is easy to operate manually on a single instance, and outputs the results to the terminal, making it great for local exploration. We focus on observing IAM at scale, collecting data from multiple sources - local / staging / per-developer environments etc. We know to find the relevant IaC code piece and generate policies in the form of Git Pull Requests.
talauslander
·قبل 4 سنوات·discuss
To add some more pros, Access Analyzer has limits on the amount of policies you can generate at a certain time and doesn't support all AWS services
talauslander
·قبل 4 سنوات·discuss
Thanks! We were partially inspired by it. Our approach is slightly different - we believe we shouldn't be the focal point of IAM but rather integrate with the existing tools organizations use such as Git, Terraform etc