HackerTrans
TopNewTrendsCommentsPastAskShowJobs

talauslander

no profile record

comments

talauslander
·4 года назад·discuss
That's definitely something we are addressing! Would you like to sign up for the beta? Will love getting your feedback and helping you remediate this pain
talauslander
·4 года назад·discuss
Thanks!

Didn't know about Pike :) Looks interesting, though it is based on a static analysis approach which has its downsides since it might not look the same as the actual activity.

AirIAM was an inspiration for us - it is generally good to group users together and for finding unused policies. We focus on generating an exact policy per identity.
talauslander
·4 года назад·discuss
We definitely love iamlive! Iamlive is easy to operate manually on a single instance, and outputs the results to the terminal, making it great for local exploration. We focus on observing IAM at scale, collecting data from multiple sources - local / staging / per-developer environments etc. We know to find the relevant IaC code piece and generate policies in the form of Git Pull Requests.
talauslander
·4 года назад·discuss
To add some more pros, Access Analyzer has limits on the amount of policies you can generate at a certain time and doesn't support all AWS services
talauslander
·4 года назад·discuss
Thanks! We were partially inspired by it. Our approach is slightly different - we believe we shouldn't be the focal point of IAM but rather integrate with the existing tools organizations use such as Git, Terraform etc