Project author: cloudsploit

Project description:
Lambda stack to delete AWS access keys as soon as they are created
Language: JavaScript
Project URL: git://github.com/cloudsploit/aws-access-keys-instant-delete.git


aws-access-keys-instant-delete

CloudFormation template that deploys the resources necessary to monitor for the creation of IAM user access keys and delete them within seconds of creation.

  • Lambda Function - Provides the compute necessary for deleting the access keys when triggered.
  • CloudWatch Event Rules - Monitors AWS API calls for the IAM:CreateAccessKey call and triggers the Lambda function when detected.
  • IAM Role - Gives permission to the Lambda function to delete IAM access keys.
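The flow described above, as an added sketch that is not the project's own code: it pulls the new key out of the CloudTrail-backed event and deletes it, skipping failed or unrelated calls. `SAMPLE_EVENT` is constructed, and `handleEvent` and its injected `deleteKey` callback are hypothetical names standing in for a wrapper around the IAM DeleteAccessKey API call.

```javascript
// Constructed sample of the event a CloudWatch Events rule delivers for a
// CloudTrail-recorded IAM call (placeholder values, not a real key).
const SAMPLE_EVENT = {
  'detail-type': 'AWS API Call via CloudTrail',
  source: 'aws.iam',
  detail: {
    eventSource: 'iam.amazonaws.com',
    eventName: 'CreateAccessKey',
    responseElements: {
      accessKey: { userName: 'example-user', accessKeyId: 'AKIAIOSFODNN7EXAMPLE', status: 'Active' }
    }
  }
};

// Return { UserName, AccessKeyId } for a successful CreateAccessKey call, else null.
function extractCreatedKey(event) {
  const d = (event && event.detail) || {};
  if (d.eventSource !== 'iam.amazonaws.com' || d.eventName !== 'CreateAccessKey') return null;
  // Denied or failed calls carry an errorCode and no responseElements: nothing to delete.
  if (d.errorCode || !d.responseElements || !d.responseElements.accessKey) return null;
  const { userName, accessKeyId } = d.responseElements.accessKey;
  // Check the shape before handing the values to a destructive API call.
  if (typeof userName !== 'string' || !userName) return null;
  if (typeof accessKeyId !== 'string' || !/^\w{16,128}$/.test(accessKeyId)) return null;
  return { UserName: userName, AccessKeyId: accessKeyId };
}

// deleteKey is injected (assumption) so the logic runs offline; in a deployed
// function it would call IAM DeleteAccessKey under the stack's IAM role.
async function handleEvent(event, deleteKey) {
  const params = extractCreatedKey(event);
  if (!params) return { deleted: false };
  await deleteKey(params);
  console.log(`Deleted access key ${params.AccessKeyId} for user ${params.UserName}`);
  return { deleted: true, ...params };
}

// Export for use as a module when loaded under CommonJS.
if (typeof module !== 'undefined') module.exports = { extractCreatedKey, handleEvent };
```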

Installation

  1. Log into your AWS account (us-east-1 region) as a user with permissions to create resources
  2. Ensure AWS CloudTrail is enabled and monitoring your account for IAM events.
  3. Click this quick link to deploy the CloudFormation template