Identity & Access Management simplified and secure.
Our second release of IAM Zero!
Our major focus this release was core usability features to make IAM Zero useful for developers in a day to day environment. We're not fully there yet - we aim to fix #27 and #28 in v0.3.0 which should make IAM Zero usable for AWS day-to-day to help you build least-privilege permissions.
IAM Zero now groups permission issues recorded for the same token and policy together into a more convenient interface!
In v0.1.0, we only supported a single token (set as an environment variable). This has now been improved and we support multiple tokens to help you identify actions coming from different services or team members. Our v0.2.0 supports using DynamoDB and in-memory token stores (if you'd like support for a different storage backend please let us know in our Slack) and we aim to improve performance here in future releases by caching tokens in our event collection endpoint.
At Common Fate we are now running an internal deployment of IAM Zero hosted on AWS ECS. We're working on documentation to provide a deployment guide for IAM Zero. If you're interested in deploying IAM Zero to build least-privilege permissions in a team environment we'd love to hear from you so that we can best package IAM Zero as a CloudFormation deployment.
The initial release of IAM Zero! We aren't yet producing binary builds but you can build this from source yourself and generate least-privilege IAM policies. This release supports the iamzero local
command which runs a local version of IAM Zero to capture permission issues.