{"id":13510681,"url":"https://github.com/zoph-io/MAMIP","last_synced_at":"2025-03-30T16:34:43.378Z","repository":{"id":40470413,"uuid":"205233000","full_name":"zoph-io/MAMIP","owner":"zoph-io","description":"[MAMIP] Monitor AWS Managed IAM Policies Changes ","archived":false,"fork":true,"pushed_at":"2024-10-29T20:11:36.000Z","size":12950,"stargazers_count":472,"open_issues_count":0,"forks_count":31,"subscribers_count":26,"default_branch":"master","last_synced_at":"2024-10-29T20:21:54.560Z","etag":null,"topics":["aws","changes","iam","managed","monitor","policies","security"],"latest_commit_sha":null,"homepage":"https://bio.link/zoph","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"SummitRoute/aws_managed_policies","license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zoph-io.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null},"funding":{"github":"z0ph"}},"created_at":"2019-08-29T19:07:56.000Z","updated_at":"2024-10-29T20:11:41.000Z","dependencies_parsed_at":"2023-09-29T03:47:44.782Z","dependency_job_id":null,"html_url":"https://github.com/zoph-io/MAMIP","commit_stats":null,"previous_names":["z0ph/mamip"],"tags_count":1901,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zoph-io%2FMAMIP","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zoph-io%2FMAMIP/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zoph-io%2FMAMIP/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zoph-io%2FMAMIP/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zoph-io","download_url":"https://codeload.github.com/zoph-io/MAMIP/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":222566739,"owners_count":17004237,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aws","changes","iam","managed","monitor","policies","security"],"created_at":"2024-08-01T02:01:49.566Z","updated_at":"2025-03-30T16:34:43.371Z","avatar_url":"https://github.com/zoph-io.png","language":"Python","funding_links":["https://github.com/sponsors/z0ph"],"categories":["Python","TypeScript","aws"],"sub_categories":[],"readme":"# 🔊 MAMIP - Monitor AWS Managed IAM Policies\n\n[![[Prod] MAMIP - GitHub Actions](https://github.com/z0ph/MAMIP/actions/workflows/main.yml/badge.svg?branch=master)](https://github.com/z0ph/MAMIP/actions/workflows/main.yml)\n\nMAMIP is a tool that monitors changes in AWS Managed IAM Policies and provides automated notifications through multiple channels.\n\n## 🔍 Features\n\n- Automated monitoring of AWS Managed IAM Policies\n- Policy validation using AWS Access Analyzer\n- Multiple notification channels\n- Tracking of deprecated policies\n- Serverless architecture using ECS Fargate (Spot)\n\n## 🖐 Usage\n\n### Four Ways to Get Notified\n\n1. **Social Media**\n   - [Bluesky](https://bsky.app/profile/mamip.bsky.social)\n   - [Twitter/𝕏 Account](https://x.com/mamip_aws)\n\n2. **GitHub Notifications**\n   - Enable \"Releases Only\" notifications\n\n3. **AWS SNS Topic**\n   ```bash\n   aws sns subscribe \\\n     --topic-arn arn:aws:sns:eu-west-1:567589703415:mamip-sns-topic \\\n     --protocol email \\\n     --notification-endpoint your-email@example.com\n   ```\n\n4. **RSS Feed**\n   - Subscribe to the [GitHub RSS Feed](https://github.com/z0ph/MAMIP/commits/master.atom)\n\n## ✅ Policy Validation\n\nEach AWS Managed Policy is automatically validated using [AWS Access Analyzer Policy Validation](https://aws.amazon.com/blogs/aws/iam-access-analyzer-update-policy-validation/). Validation findings are stored in the [findings folder](./findings/).\n\n## 👴 Deprecated Policies\n\nThe repository maintains a list of [deprecated policies](./DEPRECATED.json) that are no longer actively managed by AWS. Policy validation is only performed on current AWS-managed policies.\n\n## ⏰ Schedule\n\nThe monitoring service runs on ECS Fargate (Spot) with configurable schedules. Current settings can be found in the [Terraform configuration](https://github.com/z0ph/MAMIP/blob/master/automation/tf-fargate/variables.tf).\n\n## 📐 Architecture\n\n![Schema ECS Fargate](assets/schema.drawio.svg)\n\n## 🎖️ Credits\n\nSpecial thanks to [Scott Piper](https://twitter.com/0xdabbad00) for the original concept. This project extends his idea by:\n- Automating the monitoring process\n- Adding multiple notification channels\n- Implementing policy validation\n- Tracking deprecated policies\n\n## 📄 License\n\nThis project is licensed under the GNU General Public License v3.0 - see the [LICENSE](LICENSE) file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzoph-io%2FMAMIP","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzoph-io%2FMAMIP","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzoph-io%2FMAMIP/lists"}