Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/zoph-io/MAMIP
[MAMIP] Monitor AWS Managed IAM Policies Changes
aws changes iam managed monitor policies security
Last synced: 9 days ago
[MAMIP] Monitor AWS Managed IAM Policies Changes
- Host: GitHub
- URL: https://github.com/zoph-io/MAMIP
- Owner: zoph-io
- License: gpl-3.0
- Fork: true (SummitRoute/aws_managed_policies)
- Created: 2019-08-29T19:07:56.000Z (about 5 years ago)
- Default Branch: master
- Last Pushed: 2024-10-29T20:11:36.000Z (11 days ago)
- Last Synced: 2024-10-29T20:21:54.560Z (11 days ago)
- Topics: aws, changes, iam, managed, monitor, policies, security
- Language: Python
- Homepage: https://bio.link/zoph
- Size: 12.4 MB
- Stars: 472
- Watchers: 26
- Forks: 31
- Open Issues: 0
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
README
# :loudspeaker: [MAMIP] Monitor AWS Managed IAM Policies
[![[Prod] MAMIP - GitHub Actions](https://github.com/z0ph/MAMIP/actions/workflows/main.yml/badge.svg?branch=master)](https://github.com/z0ph/MAMIP/actions/workflows/main.yml)
## :hand: Usage
### :four: Four options to get notified
1. Follow the [Twitter/𝕏 Account](https://twitter.com/mamip_aws) or on [Mastodon](https://infosec.exchange/@[email protected]).
[![Mamip Twitter Screenshot](assets/mamip_twitter.png)](https://twitter.com/mamip_aws)
2. Activate the `Releases Only` notification feature of GitHub
3. Subscribe to the SNS Topic:
   ```bash
   aws sns subscribe --topic-arn arn:aws:sns:eu-west-1:567589703415:mamip-sns-topic --protocol email --notification-endpoint <your-email-address>
   ```
4. Subscribe to the GitHub [RSS Feed](https://github.com/z0ph/MAMIP/commits/master.atom) (`master` branch)
## :white_check_mark: Policy Validation
[AWS Access Analyzer Policy Validation](https://aws.amazon.com/blogs/aws/iam-access-analyzer-update-policy-validation/) is run on each AWS Managed Policy. You can check the findings in the [findings folder](./findings/).
## :older_man: Deprecated Policies
Some AWS Managed Policies have been [deprecated](./DEPRECATED.json) since they first appeared in this repository. Policy validation only takes place on actual AWS-managed policies.
#### :clock1: Schedule
- ECS + Fargate (Spot): [current setting](https://github.com/z0ph/MAMIP/blob/master/automation/tf-fargate/variables.tf#L66-L69)
### :triangular_ruler: Architecture Design
![Schema ECS Fargate](assets/schema.drawio.svg)
### 🎖️ Credits
Thanks to [Scott Piper](https://twitter.com/0xdabbad00) for the original idea. This product automates the retrieval of new AWS Managed IAM Policies, making it easier to monitor them and get alerted when changes occur, and adds further features.