MAMIP is a tool that monitors changes in AWS Managed IAM Policies and provides automated notifications through multiple channels.
- Automated monitoring of AWS Managed IAM Policies
- Policy validation using AWS Access Analyzer
- Multiple notification channels
- Tracking of deprecated policies
- Serverless architecture using ECS Fargate (Spot)
- Social Media
- GitHub Notifications
  - Enable "Releases Only" notifications
- AWS SNS Topic

  ```bash
  aws sns subscribe \
    --topic-arn arn:aws:sns:eu-west-1:567589703415:mamip-sns-topic \
    --protocol email \
    --notification-endpoint your-email@example.com
  ```
- RSS Feed
  - Subscribe to the GitHub RSS Feed
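When a change notification arrives through one of these channels, the first triage question is which grants the new policy version adds or drops. The Python below is an added example, not MAMIP's own code: the two policy documents are constructed samples, and the function names (`grants`, `diff_policies`, `needs_review`) are hypothetical.

```python
import json

def listify(value):
    # IAM accepts either a single value or a list in these fields.
    if value is None:
        return []
    return list(value) if isinstance(value, list) else [value]

def grants(policy):
    """Flatten a policy document into comparable grant tuples."""
    found = set()
    for stmt in listify(policy.get("Statement")):
        # A changed or dropped Condition must show up as a different grant.
        condition = json.dumps(stmt.get("Condition", {}), sort_keys=True)
        for akey in ("Action", "NotAction"):
            for action in listify(stmt.get(akey)):
                for rkey in ("Resource", "NotResource"):
                    for resource in listify(stmt.get(rkey)):
                        # Action names are case-insensitive, so normalise them.
                        found.add((stmt["Effect"], akey, action.lower(),
                                   rkey, resource, condition))
    return found

def diff_policies(old, new):
    """Return the grants added and removed between two policy versions."""
    before, after = grants(old), grants(new)
    return {"added": sorted(after - before), "removed": sorted(before - after)}

def needs_review(grant):
    """Flag Allow grants whose action scope is broad (wildcard or negated)."""
    effect, akey, action, rkey, _resource, _condition = grant
    broad = "*" in action or akey == "NotAction" or rkey == "NotResource"
    return effect == "Allow" and broad

# Constructed sample versions of one policy (not a real AWS managed policy).
OLD_VERSION = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket"], "Resource": "*"}]}
NEW_VERSION = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:ListBucket", "s3:Put*"],
     "Resource": "*"},
    {"Effect": "Allow", "Action": "iam:PassRole", "Resource": "*",
     "Condition": {"StringEquals": {"iam:PassedToService": "example.amazonaws.com"}}}]}

if __name__ == "__main__":
    changes = diff_policies(OLD_VERSION, NEW_VERSION)
    for grant in changes["added"]:
        print("REVIEW" if needs_review(grant) else "added ", grant)
    for grant in changes["removed"]:
        print("removed", grant)
```

Comparing flattened tuples rather than raw JSON means reordered statements or actions produce no noise, while a condition that is loosened or removed appears as one grant removed and another added.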
Each AWS Managed Policy is automatically validated using AWS Access Analyzer Policy Validation. Validation findings are stored in the findings folder.
The repository maintains a list of deprecated policies that are no longer actively managed by AWS. Policy validation is only performed on current AWS-managed policies.
The monitoring service runs on ECS Fargate (Spot) with configurable schedules. Current settings can be found in the Terraform configuration.
Special thanks to Scott Piper for the original concept. This project extends his idea by:
- Automating the monitoring process
- Adding multiple notification channels
- Implementing policy validation
- Tracking deprecated policies
This project is licensed under the GNU General Public License v3.0 - see the LICENSE file for details.