|
|
|
|
|
|
by kapilvt
1949 days ago
|
|
|
fwiw the opensource (and cncf incubator project) https://cloudcustodian.io can detect and remediate these modifications to embedded iam policies (across many resource types) in realtime that share beyond an organizations/accounts boundaries. its like access analyzer except its flexible enough to understand internal org distinctions (dev/prod separation) and allowed access to third parties. |
|
|