AWS Identity and Access Management (IAM) Access Analyzer is a tool that simplifies the inspection of unused access and guides you toward least privilege.
You can use unused access findings to identify over-permissive access granted to AWS IAM roles and users in your accounts or organization.
Recently, IAM Access Analyzer launched new configuration capabilities that you can use to customize the analysis.
You can select accounts, roles, and users to exclude and focus on the areas that matter the most to you.
This customization using the new configuration capabilities helps to reduce noise from unwanted findings.
IAM Access Analyzer unused access analysis can be set up at the organization level to monitor the AWS accounts in your organization.
In this post, we walk through how to exclude specific AWS accounts from the analyzer's unused access findings.
You can also exclude tagged IAM roles to focus on the most relevant security insights, and update the exclusions configured on your analyzer as required.
By customizing the exclusion on the unused access analyzer, you can focus on the findings that matter most.
IAM Access Analyzer provides enhanced controls to help tailor the analysis closely to your organization’s security needs.
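The account and tag exclusions described above, as an added example that is not code from the post or from AWS: it builds the `configuration` value that the boto3 `create_analyzer`/`update_analyzer` calls accept for an `ORGANIZATION_UNUSED_ACCESS` analyzer and previews locally which roles the rule would silence. The account IDs, role names and tag key are constructed placeholders, and the matching semantics in `is_excluded` (a role is excluded when it matches any criterion; an empty tag value matches any value) are my reading of the API, not verified against the service.

```python
"""Build an unused-access analyzer configuration with exclusions and preview
locally which roles the exclusions would remove from findings."""
from __future__ import annotations
from typing import Any

# Constructed sample values (placeholders, not from the post).
EXCLUDED_ACCOUNTS = ["111111111111", "222222222222"]
EXCLUDED_TAG = {"unused-access-exempt": "true"}
SAMPLE_ROLES = [
    {"name": "ci-deploy", "account_id": "111111111111", "tags": {}},
    {"name": "break-glass", "account_id": "333333333333",
     "tags": {"unused-access-exempt": "true"}},
    {"name": "app-reader", "account_id": "333333333333", "tags": {"team": "pay"}},
]


def build_config(unused_days: int = 90, account_ids: list[str] | None = None,
                 resource_tags: list[dict[str, str]] | None = None) -> dict[str, Any]:
    """Return the `configuration` argument for CreateAnalyzer / UpdateAnalyzer.
    Each exclusion criterion is kept single-purpose (accounts or tags) so the
    account/tag combination semantics never come into play."""
    exclusions: list[dict[str, Any]] = []
    if account_ids:
        exclusions.append({"accountIds": list(account_ids)})
    if resource_tags:
        exclusions.append({"resourceTags": [dict(t) for t in resource_tags]})
    return {"unusedAccess": {"unusedAccessAge": unused_days,
                             "analysisRule": {"exclusions": exclusions}}}


def is_excluded(role: dict[str, Any], config: dict[str, Any]) -> bool:
    """Local preview of the rule (assumed semantics): excluded when the role's
    account is listed, or every key/value of one tag map matches its tags;
    an empty tag value is treated as 'any value'."""
    for crit in config["unusedAccess"]["analysisRule"]["exclusions"]:
        if role["account_id"] in crit.get("accountIds", []):
            return True
        for tagset in crit.get("resourceTags", []):
            if all(k in role["tags"] and (v == "" or role["tags"][k] == v)
                   for k, v in tagset.items()):
                return True
    return False


def roles_still_analyzed(roles: list[dict[str, Any]], config: dict[str, Any]) -> list[str]:
    """Names of roles the analyzer would still report on under this config."""
    return [r["name"] for r in roles if not is_excluded(r, config)]


def apply_config(name: str, config: dict[str, Any], create: bool) -> dict[str, Any]:
    """Push the configuration with boto3 (needs AWS credentials; not run offline)."""
    import boto3  # imported here so the rest of the module works without it
    client = boto3.client("accessanalyzer")
    if create:
        return client.create_analyzer(analyzerName=name, type="ORGANIZATION_UNUSED_ACCESS",
                                      configuration=config)
    return client.update_analyzer(analyzerName=name, configuration=config)
```

Call `apply_config("org-unused-access", build_config(90, EXCLUDED_ACCOUNTS, [EXCLUDED_TAG]), create=True)` from the analyzer's owner account to create it, and with `create=False` to change the exclusions later.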