Cloudsplaining

Detect Misconfigurations

Introduction

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report.

Installation

pip3 install --user cloudsplaining

# Enable bash completion
eval "$(_CLOUDSPLAINING_COMPLETE=source cloudsplaining)"

# Enable zsh completion
eval "$(_CLOUDSPLAINING_COMPLETE=source_zsh cloudsplaining)"

Scanning a Single IAM Policy

cloudsplaining scan-policy-file --input-file examples/policies/explicit-actions.json

REFERENCES

https://github.com/salesforce/cloudsplaining
https://cloudsplaining.readthedocs.io/en/latest/user-guide/overview/

PreviousProwler NextAttacks & Methodology

Last updated 8 months ago

Was this helpful?