Project author: cloudsploit
Project description:
Lambda stack to delete AWS access keys as soon as they are created
Language: JavaScript
Project URL: git://github.com/cloudsploit/aws-access-keys-instant-delete.git
aws-access-keys-instant-delete

CloudFormation template that deploys the resources necessary to monitor for the creation of IAM user access keys and delete them within seconds of creation.
- Lambda Function - Provides the compute necessary for deleting the access keys when triggered.
- CloudWatch Event Rules - Monitors AWS API calls for the IAM:CreateAccessKey call and triggers the Lambda function when detected.
- IAM Role - Gives permission to the Lambda function to delete IAM access keys.
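
How the event-to-delete step described above can work, as an added example that is not the project's own code: it takes the CloudWatch event produced for a CloudTrail-logged `CreateAccessKey` call and derives the `DeleteAccessKey` parameters, ignoring failed or unrelated calls. The function names, the injected `deleteAccessKey` callback, and the sample event are assumptions constructed for illustration.

```javascript
'use strict';

// Constructed sample of the CloudWatch event emitted for a CloudTrail-logged
// iam:CreateAccessKey call (all identifiers are placeholders).
const SAMPLE_EVENT = {
  'detail-type': 'AWS API Call via CloudTrail',
  source: 'aws.iam',
  detail: {
    eventSource: 'iam.amazonaws.com',
    eventName: 'CreateAccessKey',
    userIdentity: { arn: 'arn:aws:iam::111122223333:user/example-admin' },
    responseElements: {
      accessKey: {
        userName: 'example-user',
        accessKeyId: 'AKIAIOSFODNN7EXAMPLE',
        status: 'Active'
      }
    }
  }
};

// Returns the DeleteAccessKey parameters for a successful CreateAccessKey
// event, or null when the event should be ignored.
function keyToDelete(event) {
  const d = (event && event.detail) || {};
  if (d.eventSource !== 'iam.amazonaws.com' || d.eventName !== 'CreateAccessKey') return null;
  // Failed calls carry errorCode and no accessKey: nothing was created.
  if (d.errorCode || !d.responseElements || !d.responseElements.accessKey) return null;
  const { userName, accessKeyId } = d.responseElements.accessKey;
  if (!userName || !accessKeyId) return null;
  return { UserName: userName, AccessKeyId: accessKeyId };
}

// Lambda-style handler. `deleteAccessKey` is a hypothetical injected wrapper
// around the SDK's IAM DeleteAccessKey call, so the logic runs offline.
async function handleEvent(event, deleteAccessKey) {
  const params = keyToDelete(event);
  if (!params) return { deleted: false };
  await deleteAccessKey(params);
  // Record who created the key so the deletion can be followed up.
  const createdBy = event.detail.userIdentity && event.detail.userIdentity.arn;
  return { deleted: true, createdBy, ...params };
}
```

In a deployed function the callback would wrap the AWS SDK's IAM client, and the execution role would need only `iam:DeleteAccessKey`.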
Installation
- Log into your AWS account (us-east-1 region) as a user with permissions to create resources
- Ensure AWS CloudTrail is enabled and monitoring your account for IAM events.
- Click this quick link to deploy the CloudFormation template