Project Description
This Op will identify IAM Roles and users/groups with excessive IAM permissions for data access.
Summary:
Identify and correct any IAM policies that allow excessive data access permissions. This assessment focuses on S3 and DynamoDB and identifies and restricts all IAM policies (managed and inline) that allow excessive permissions for tables, buckets and objects.
Supported Services:
- S3
- DynamoDB
Supported Actions:
- Restrict Data Access
- Remove Exposed Data Actions
Platform:

Related Articles
Sending Events (Like GuardDuty) from CloudWatch to Lambda
Sending Events (Like GuardDuty) from CloudWatch to Lambda Someone pointed me to a Reddit post asking how to send and access the JSON from a GuardDuty finding into Lambda. This is easy if you [...]
Has the Cloud changed Software Development for Good?
Has the Cloud changed Software Development for Good? One of two concepts might have popped into your head when reading the title of this blog. Has software development improved? – OR – Has software [...]