This post originally appeared on the CommonFate.io blog. If you’re the administrator or owner of an AWS environment and are still relying on IAM users for your human users to access AWS IAM, then you should be considering
iam
A collection of 10 posts
Programmatic AWS Action List!
It's happened. It's finally here. No, I'm not talking about the next iPhone. I'm talking about programmatic access to the AWS IAM action list! Wait, what do you mean "I'
AWS IAM Policy Review 1
Why doesn't this policy work with this condition?
Understanding the AWS zone of trust
Understanding the zone of trust is critical if you want to secure your AWS resources.
AWS IAM Access Analyzer Policy Validation Checks
While I found the recently announced list of checks that IAM Access Analyzer performs on your policies buried deep in the documentation, it wasn't as easy to navigate as I would've liked. Here's the
AWS IAM:PassRole explained
A common point of confusion when getting started with AWS IAM, and when trying to implement "least privileges" on IAM is the message "is not authorized to perform: iam:PassRole on resource". Usually this refers to
Effective Actions for AWS IAM
TL;DR I made Effective IAM Actions [https://bigorange.cloud/actions/], a small tool to expand wildcards "*" in IAM Policy Actions [https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_action.html] so that you can
Don't use Tags to Manage Permissions in AWS
The main problem is this: By using tags for authorisation, you have a multitude of completely new - per-service - actions that can be used to compromise your security posture.