Repokid Logo

Repokid

0
Free
Visit Website

Repokid uses Access Advisor provided by Aardvark to remove permissions granting access to unused services from the inline policies of IAM roles in an AWS account. Getting Started: - Install mkvirtualenv repokid - git clone git@github.com:Netflix/repokid.git - cd repokid - pip install -e . - repokid config config.json DynamoDB: - You will need a DynamoDB table called repokid_roles (specify account and endpoint in dynamo_db in config file). - The table should have RoleId (string) as a primary partition key, no primary sort key. - A global secondary index named Account with a primary partition key of Account and RoleId and Account as projected attributes. - A global secondary index named RoleName with a primary partition key of RoleName and RoleId and RoleName as projected attributes. - For development, you can run dynamo locally. To run locally: docker-compose up. The endpoint for DynamoDB will be http://localhost:8000. A DynamoDB admin panel can be found at http://localhost:8001. If you run the development version the table and index will be created for you automatically. IAM Permissions: - Repokid needs an IAM Role in each account that will be queried.

FEATURES

ALTERNATIVES

A cloud-based platform that discovers, monitors, and manages non-human identities and their associated credentials across cloud infrastructure.

Commercial

Akamai Account Protector is a cybersecurity tool that prevents account abuse by detecting and mitigating fraudulent activities through user behavior analysis and real-time risk scoring.

Commercial

Securely store and access AWS credentials in a development environment.

Free

Permiso is an Identity Threat Detection and Response platform that provides comprehensive visibility and protection for identities across multiple cloud environments.

Commercial

A web service for easier AWS IAM permissions and credential management with various login methods and IAM Self-Service Wizard.

Free

PowerUp aims to be a clearinghouse of common Windows privilege escalation vectors that rely on misconfigurations.

Free

A comprehensive resource for securing Active Directory, including attack methods and effective defenses.

Free

OpenIAM offers a unified identity governance platform featuring CIAM, MFA, and PAM integration.

Free