CloudTracker is an IAM analysis tool that identifies over-privileged users and roles in AWS environments by comparing actual usage recorded in CloudTrail logs against current IAM policies. It analyzes CloudTrail activity logs to determine which permissions each IAM entity actually uses, then compares that usage with the permissions granted by the entity's current policies. Permissions that are granted but never used indicate potential over-privileging.

Setting up CloudTracker requires creating a virtual environment and installing the tool via a package manager. Users must download IAM data using the AWS CLI and supply a configuration file that specifies the analysis parameters.

The tool provides insight into IAM permission usage patterns, helping security teams move toward least-privilege access by removing unused permissions from IAM policies.
SIMILAR TOOLS
A PHP OAuth 2.0 authorization server implementation with support for various grants and RFCs.
An automated script that configures Active Directory domains using customizable XML configuration files.
A list of disposable email domains to detect or block disposable accounts.
A simple drop-in library for managing users, permissions, and groups in your application.
Encrypt Kubernetes Secrets into SealedSecrets for safe storage and controlled decryption within the cluster.