An Automated Approach to Identifying and Mitigating Least Privilege Violations in AWS IAM Policies
Author(s):
Janhvi Pankaj Kamble, Suraksha Khurana, Purvi Bajaj
Keywords:
Cloud Security Posture Management System (CSPM), Amazon Web Service (AWS), Identity Access and Management (IAM) Policy, Identity Service Providers (IdSP), IAM as a Service (IAMaaS), Google Cloud Platform Services (GCP), Application Programming Interface (API), Role-Based Access Control (RBAC)
Abstract
The research presents an automated tool to identify violations of the principle of least privilege in AWS Identity and Access Management (IAM) policies. The tool scans all IAM policies within an AWS account or a single policy file, analyzing policy documents to identify potentially risky permissions. It uses the Boto3 library and Python programming language to retrieve policy information and assess permissions. The analysis results are presented in an HTML report, providing an intuitive triage worksheet for security professionals. This tool contributes to automating security practices in cloud environments, enhancing efficiency and decision-making.
Article Details
Unique Paper ID: 164686

Publication Volume & Issue: Volume 10, Issue 12

Page(s): 2353 - 2359