AWS Security Blog
Tag: AWS IAM policies
How to implement IAM policy checks with Visual Studio Code and IAM Access Analyzer
In a previous blog post, we introduced the IAM Access Analyzer custom policy check feature, which allows you to validate your policies against custom rules. Now we’re taking a step further and bringing these policy checks directly into your development environment with the AWS Toolkit for Visual Studio Code (VS Code). In this blog post, […]
Customize the scope of IAM Access Analyzer unused access analysis
AWS Identity and Access Management Access Analyzer simplifies inspecting unused access to guide you towards least privilege. You can use unused access findings to identify over-permissive access granted to AWS Identity and Access Management (IAM) roles and users in your accounts or organization. From a delegated administrator account for IAM Access Analyzer, you can use the dashboard […]
Refine unused access using IAM Access Analyzer recommendations
As a security team lead, your goal is to manage security for your organization at scale and ensure that your team follows AWS Identity and Access Management (IAM) security best practices, such as the principle of least privilege. As your developers build on AWS, you need visibility across your organization to make sure that teams […]
The Most Viewed AWS Security Blog Posts in 2017
September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. The following 10 posts were the most viewed AWS Security Blog posts that we published during 2017. You can use this list as a guide to catch up on your AWS Security Blog reading or read a post again that […]
Use the New Visual Editor to Create and Modify Your AWS IAM Policies
AWS Identity and Access Management (IAM) has made it easier for you to create and modify your IAM policies by using a point-and-click visual editor in the IAM console. The new visual editor guides you through granting permissions using IAM policies without requiring you to write the policy in JSON (although you can still author and edit policies in JSON, if you prefer). This update to the IAM console makes it easier to grant least privilege permissions for the AWS service actions you select by listing all the supported resource types and request conditions you can specify. And, as with policy summaries, the visual editor also identifies and helps you correct unrecognized services and actions and permissions errors when you import existing policies. In this blog post, I give a brief overview of policy concepts and show you how to create a new policy by using the visual editor.