Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today. Learn more →
Top 20 Python Iam Projects
-
awesome-aws
A curated list of awesome Amazon Web Services (AWS) libraries, open source repos, guides, blogs, and other resources. Featuring the Fiery Meter of AWSome.
-
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
-
Scout Monitoring
Free Django app performance insights with Scout Monitoring. Get Scout setup in minutes, and let us sweat the small stuff. A couple lines in settings.py is all you need to start monitoring your apps. Sign up for our free tier today.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
iambic
IAMbic is Version-Control for IAM. It centralizes and simplifies cloud access and permissions. It maintains an eventually consistent, human-readable, bi-directional representation of IAM in Git.
-
aws-allowlister
Automatically compile an AWS Service Control Policy that ONLY allows AWS services that are compliant with your preferred compliance frameworks.
-
aws-leastprivilege
Generates an IAM policy for the CloudFormation service role that adheres to least privilege.
-
IAM-Deescalate
IAM-Deescalate helps mitigate privilege escalation risk in AWS identity and access management (IAM)
-
discover-aws-iam-resource-access
A Python script to discover AWS IAM identities (users and roles) with specified access to specified resources.
-
authum
Awesome authentication tool for connecting command line applications to SAML/OIDC identity and service providers
-
action-aws-iam-assume-role
GitHub Action to assume an AWS IAM role via OpenID Connect (OIDC) or a plain old IAM user.
-
iamzero-python
Identity & Access Management simplified and secure for Python scripts and applications.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
1. Prowler: https://github.com/prowler-cloud/prowler Prowler provides security best practices assessments, audits, incident response readiness, and continuous monitoring for AWS environments.
ugh access + least privilege on AWS + GCP is really hard
not made easier by the fact that debugging service accounts can sometimes require rebooting boxes or clusters
'cloud traceroute' to discover where exactly the problem is would be amazing
(in fairness there are 'least privilege' tools I haven't tried -- listed below and I recall reading about others)
1. iam access analyzer https://aws.amazon.com/blogs/security/iam-access-analyzer-ma...
2. airiam https://github.com/bridgecrewio/AirIAM
3. policy simulator https://cloud.google.com/policy-intelligence/docs/iam-simula...
Project mention: Krptn: User Auth and Encryption of data at rest, derived from users’ credentials | news.ycombinator.com | 2023-09-12Hello, all!
Encryption and user authentication are crucial to cybersecurity.
Encryption can be implemented at various levels. I believe that handling encryption at the application level is the most secure since it decreases the attack surface. For example, the SQL server doesn’t get to see the plaintext.
Krptn is a piece of software I’m currently building which could be used as a user authentication service, which also handles encryption (at the application level) of the user’s associated data (e.g.: the users’ phone number).
(Krptn only has a Python API right now.)
It would run in the same server instance as your Python code, so no need to host anything new (decreased complexity) - just install the Python module and call the APIs.
For additional security, I designed the system to derive the encryption keys from the users’ credentials. This prevents an attacker who gains access to the database from being able to decrypt all the data since the encryption keys aren’t stored anywhere. Additionally, each user gets an asymmetric keypair. This enables users to share specific pieces of information with each other.
I know that, for many projects, this level of encryption is not required to secure their system and hence not everyone would benefit from using this. But I hope that for the people who do wish to have such security, this project will help.
It would be much appreciated if you would try this out. Please let me know what you think of this! Also please provide some feedback if you have any!
Here is an example Django integration: https://github.com/krptn/djangoExample
Here is an example Flask integration: https://github.com/krptn/flaskExample
GitHub repo: https://github.com/krptn/krypton
Python Iam related posts
-
Krptn: User Auth and Encryption of data at rest, derived from users’ credentials
-
AWS Networking Concepts in a Diagram
-
Open source IAM-as-code through IAMbic
-
Open source IAM-as-code
-
Are there any open source tools to centrally manage IAM policies?
-
IAMbic, A multi-account identity-centric IaC
-
AWS Permission Bouncers: Letting Loose in Dev, Keeping it Tight in Prod
-
A note from our sponsor - Scout Monitoring
www.scoutapm.com | 7 Jun 2024
Index
What are some of the best open-source Iam projects in Python? This list will help you:
Project | Stars | |
---|---|---|
1 | awesome-aws | 12,214 |
2 | prowler | 9,780 |
3 | policy_sentry | 1,947 |
4 | PMapper | 1,351 |
5 | trailscraper | 763 |
6 | AirIAM | 756 |
7 | MAMIP | 456 |
8 | iambic | 274 |
9 | aws-allowlister | 218 |
10 | aws-leastprivilege | 110 |
11 | IAM-Deescalate | 92 |
12 | introspector | 66 |
13 | krypton | 47 |
14 | aws-iam-utils | 19 |
15 | discover-aws-iam-resource-access | 13 |
16 | authum | 7 |
17 | action-aws-iam-assume-role | 6 |
18 | requests-iamauth | 6 |
19 | iamzero-python | 4 |
20 | sso-setup-automation | 3 |