Session Name: Migrating existing IAM to least-privilege IAM as IaC
The AWS IAM service can be complex to manage, which more often than not leads to bad IAM usage practices, many human errors and unnecessary risk. In this talk we propose codifying AWS IAM and managing it like any other code library. We demonstrate a method to automatically migrate a live AWS IAM environment to a manageable Terraform codebase and show how to start governing it using policy-as-code.
Nimrod leads various cloud security research efforts. He is an open source contributor to various AWS security projects and also part of Bridgecrew's founding team. A believer in Terraform as a security enabler.