Sold by: IAM Cross CheckÂ
Overview
In today's complex AWS cloud environments with multiple accounts, managing and controlling access across accounts is critical for security and compliance. CrossIAMCheck is a powerful tool designed to analyze and validate your AWS Identity and Access Management (IAM) cross-account configurations, roles, and permissions. With CrossIAMCheck, you can easily identify potential security risks, misconfigurations, and access control vulnerabilities across your entire AWS account infrastructure. The tool performs comprehensive checks on IAM roles, policies, trust relationships, and resource access permissions, ensuring that your cross-account access follows best practices and adheres to your organization's security standards.
Highlights
- Multi-Account Analysis: Scan and assess IAM configurations across multiple AWS accounts simultaneously, providing a unified view of your cross-account access landscape.
- Cross-Account Role Validation: Verify the trust relationships, permissions, and resource access granted to cross-account roles, ensuring that they align with your intended access controls.
- Policy Analysis: Inspect and evaluate IAM policies, including those attached to roles and resources, identifying potential misconfigurations or excessive permissions.
Details
Sold by
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Debian 12
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on actual usage, with charges varying according to how much you consume. Subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Cost/hour |
|---|---|
t3a.medium Recommended | $4.00 |
t3a.xlarge | $4.00 |
t3a.large | $4.00 |
t3a.2xlarge | $4.00 |
t3a.micro | $4.00 |
t3a.small | $4.00 |
t3a.nano | $4.00 |
Vendor refund policy
None
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Initial release to easily identify potential security risks, misconfigurations, and access control vulnerabilities across your entire AWS account infrastructure.
Additional details
Usage instructions
login via ec2-user using the pem file. followed by below.
Install
pip3 install --user cloudsplaining
If pip3 is not installed on your system follow below instruction. https://pip.pypa.io/en/stable/installation/Â
Scan
cloudsplaining scan-policy-file --input-file explicit-actions.json
Make sure, you attach an IAM role to this instance which has access to "iam:GetAccountAuthorizationDetails". Dump all the data from GetAccountAuthorizationDetails into above file (explicit-actions.json) and run the scan
Support
Vendor support
Email: iamcrosscheck@gmail.comÂ
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
Top
10
In Vulnerability and Patch Management
Top
50
In Log Analysis
Top
100
In Infrastructure as Code
AI generated from product descriptions
Cross-Account Security Analysis
Comprehensive scanning and assessment of IAM configurations across multiple AWS accounts simultaneously
Role Trust Relationship Validation
Verification of cross-account role trust relationships, permissions, and resource access controls
IAM Policy Inspection
Detailed evaluation of IAM policies attached to roles and resources to identify potential misconfigurations
Access Control Vulnerability Detection
Identification of potential security risks and access control vulnerabilities in multi-account AWS environments
Configuration Compliance Checking
Automated verification of IAM configurations against organizational security standards and best practices
Natural Language Processing
Advanced NLP capabilities that translate complex IAM metrics into conversational insights and interactive queries
Real-time Analytics
Seamless integration of external data with continuous, instantaneous change and access analytics across AWS environments
Predictive IAM Intelligence
Avant-garde predictive analytics that anticipate IAM challenges and potential security risks through AI-driven anomaly detection
Multi-account IAM Monitoring
Comprehensive tracking and analysis of IAM resources across AWS Organizations and standalone accounts with unified visibility
Active Query Model
Secure, real-time querying, combination, and analysis of IAM data from multiple AWS accounts using advanced linguistic and computational techniques
IAM Access Analysis
Automated IAM configuration audit with detailed insights into access permissions and potential security risks
Policy Automation
Native integration with infrastructure code pipelines like CDK and Terraform for secure policy deployment
Access Control Reporting
Comprehensive access reports generated in engineer-friendly language with daily delivery
Resource Access Mapping
Detailed identification and tracking of access to critical AWS services, S3 buckets, and KMS keys
Security Configuration Detection
Automated identification of IAM administrators, unused principals, and outdated credentials
Standard contract
No
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.