Integrating AWS IAM Access Analyzer in a CI/CD Pipeline

You can follow the workshop to learn how to embed AWS IAM Access Analyzer into the CI/CD development workflow.

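AWS IAM Access Analyzer is an AWS service that uses an automated reasoning system to analyze the access control policies attached to resources and determine which resources can be accessed publicly or from other accounts.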

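Access Analyzer can also validate identity-based and resource-based policies against more than 100 checks, each designed to improve your security posture and help you simplify policy management at scale. Here is the full list of checks that are run against your IAM policy when you call ValidatePolicy.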
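A pipeline step can turn ValidatePolicy findings into a pass/fail decision. The sketch below is an added example, not code from the workshop. It assumes that ERROR and SECURITY_WARNING findings block the build and that unrecognized finding types also block; the sample findings are constructed.

```python
import sys

# Finding types ValidatePolicy returns: ERROR, SECURITY_WARNING, WARNING, SUGGESTION.
# Which ones block a merge is a team decision; this set is an assumption.
BLOCKING = {"ERROR", "SECURITY_WARNING"}

# Constructed sample shaped like the "findings" list in a ValidatePolicy response.
SAMPLE_FINDINGS = [
    {"findingType": "SECURITY_WARNING", "issueCode": "PASS_ROLE_WITH_STAR_IN_RESOURCE",
     "findingDetails": "constructed sample text"},
    {"findingType": "SUGGESTION", "issueCode": "REDUNDANT_ACTION",
     "findingDetails": "constructed sample text"},
]


def fetch_findings(policy_document, policy_type="IDENTITY_POLICY"):
    """Call ValidatePolicy, following nextToken until every finding is collected."""
    import boto3  # imported lazily so the gate logic runs without AWS access
    client = boto3.client("accessanalyzer")
    kwargs = {"policyDocument": policy_document, "policyType": policy_type}
    findings = []
    while True:
        page = client.validate_policy(**kwargs)
        findings.extend(page.get("findings", []))
        if not page.get("nextToken"):
            return findings
        kwargs["nextToken"] = page["nextToken"]


def gate(findings, blocking=BLOCKING):
    """Split findings into (blockers, advisories); unknown types block (fail closed)."""
    known = {"ERROR", "SECURITY_WARNING", "WARNING", "SUGGESTION"}
    blockers = [f for f in findings
                if f.get("findingType") in blocking or f.get("findingType") not in known]
    advisories = [f for f in findings if f not in blockers]
    return blockers, advisories


def main(paths):
    """Validate each policy file; return the process exit code for the pipeline."""
    failed = False
    for path in paths:
        with open(path, encoding="utf-8") as fh:
            blockers, advisories = gate(fetch_findings(fh.read()))
        for f in blockers + advisories:
            tag = "BLOCK" if f in blockers else "note"
            print(f"{path}: [{tag}] {f.get('findingType')} {f.get('issueCode')}")
        failed = failed or bool(blockers)
    return 1 if failed else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv[1:]))
```

Run it in the pipeline with the policy JSON files as arguments; a non-zero exit code fails the stage.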

workshop - https://catalog.us-east-1.prod.workshops.aws/workshops/fff8e490-f397-43d2-ae26-737a6dc4ac68/en-US/30-iam-access-analyzer
