Sold by: IAM Cross Check
Deployed on AWS
CrossIAMCheck: Secure Your AWS Multi-Account Environment
Overview
In today's complex AWS cloud environments with multiple accounts, managing and controlling access across accounts is critical for security and compliance. CrossIAMCheck is a powerful tool designed to analyze and validate your AWS Identity and Access Management (IAM) cross-account configurations, roles, and permissions. With CrossIAMCheck, you can easily identify potential security risks, misconfigurations, and access control vulnerabilities across your entire AWS account infrastructure. The tool performs comprehensive checks on IAM roles, policies, trust relationships, and resource access permissions, ensuring that your cross-account access follows best practices and adheres to your organization's security standards.
Highlights
- Multi-Account Analysis: Scan and assess IAM configurations across multiple AWS accounts simultaneously, providing a unified view of your cross-account access landscape.
- Cross-Account Role Validation: Verify the trust relationships, permissions, and resource access granted to cross-account roles, ensuring that they align with your intended access controls.
- Policy Analysis: Inspect and evaluate IAM policies, including those attached to roles and resources, identifying potential misconfigurations or excessive permissions.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Debian 12
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
t3a.medium Recommended | $4.00 |
t3a.xlarge | $4.00 |
t3a.large | $4.00 |
t3a.2xlarge | $4.00 |
t3a.micro | $4.00 |
t3a.small | $4.00 |
t3a.nano | $4.00 |
Vendor refund policy
None
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Initial release to easily identify potential security risks, misconfigurations, and access control vulnerabilities across your entire AWS account infrastructure.
Additional details
Usage instructions
login via ec2-user using the pem file. followed by below.
Install
pip3 install --user cloudsplaining
If pip3 is not installed on your system follow below instruction. https://pip.pypa.io/en/stable/installation/
Scan
cloudsplaining scan-policy-file --input-file explicit-actions.json
Make sure, you attach an IAM role to this instance which has access to "iam:GetAccountAuthorizationDetails". Dump all the data from GetAccountAuthorizationDetails into above file (explicit-actions.json) and run the scan
Support
Vendor support
Email: iamcrosscheck@gmail.com
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
Top
10
In Vulnerability and Patch Management
Top
50
In Log Analysis
Top
100
In Infrastructure as Code
AI generated from product descriptions
Multi-Account IAM Configuration Analysis
Scan and assess IAM configurations across multiple AWS accounts simultaneously, providing a unified view of cross-account access landscape.
Cross-Account Role Validation
Verify trust relationships, permissions, and resource access granted to cross-account roles to ensure alignment with intended access controls.
IAM Policy Analysis
Inspect and evaluate IAM policies attached to roles and resources to identify misconfigurations and excessive permissions.
Security Risk Detection
Identify potential security risks, misconfigurations, and access control vulnerabilities across AWS account infrastructure.
Trust Relationship Verification
Perform comprehensive checks on IAM role trust relationships to validate cross-account access configurations against organizational security standards.
Natural Language Processing Integration
Advanced Natural Language Processing capabilities enable conversational interaction with IAM metrics and data, allowing users to pose questions and extract insights through natural language queries within the AWS Console.
Real-time Change Analytics
Real-time change analytics and access reviews that continuously monitor and instantaneously analyze alterations to IAM resources and access configurations across AWS environments.
Predictive Analytics Engine
Predictive analytics capabilities that anticipate IAM challenges and security risks before they occur, enabling proactive remediation strategies.
Multi-account IAM Data Aggregation
Active query model that securely queries, combines, and analyzes IAM data from multiple AWS accounts in real-time, supporting fragmented organizations and independent AWS account structures.
AI-driven Anomaly Detection
AI-driven anomaly detection combined with Natural Language Processing to identify and provide clear understanding of irregular or risky behavior patterns in IAM resources.
IAM Access Analysis
Audit IAM configuration to identify IAM administrators, unused principals, old credentials, and unexpected access to critical AWS services, S3 buckets, and KMS keys
Policy Automation Integration
Deploy secure IAM policies through infrastructure code pipelines using CDK and Terraform libraries for automated policy generation
Access Reporting
Generate daily comprehensive access reports that communicate access permissions in simplified language understandable to all engineers
Continuous Compliance Monitoring
Perform continuous audits of IAM configuration and access controls integrated with continuous delivery workflows
Multi-Resource Access Control
Manage and audit access permissions across AWS services, S3 buckets, and KMS encryption keys with unified visibility
Standard contract
No
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.