IAM challenges in Amazon Web Services (AWS)

Over the course of 20 years, AWS has given us many ways to manage identity and access: permanent access keys for users, super admin roles, inline policies, permission sets… making it almost impossible to ensure that any decent-sized team has only the privileges they need. It keeps us up at night, wondering if there’s a disabled user with god-like super admin permissions just waiting to get re-enabled and abused.

Trustle for AWS

Unused privileges

When you connect Trustle to your AWS environment, in as little as 30 minutes, you’ll be shown all of the permissions your users currently hold and whether they’ve used these permissions in the past 90 days. An inline policy that grants a user 181 permissions in S3? A former contractor granted a role 461 permissions in EC2? Find out if someone’s made these mistakes as soon as you connect Trustle.

Just-in-time (JIT) access

Users looking for quick access in AWS can request exactly the IAM or Identity Center group they need to join for the length of time you permit. They don’t even need to leave Slack or Microsoft Teams to do so.

Joiners, movers, and leavers

Quickly get people the access they need when they join your organization, swap out their privileges when they move between projects, and automatically revoke all of their permissions when they leave the company.

‍