Repository files navigation

MAMIP is a tool that monitors changes in AWS Managed IAM Policies and provides automated notifications through multiple channels.

• Automated monitoring of AWS Managed IAM Policies
• Policy validation using AWS Access Analyzer
• Multiple notification channels
• Tracking of deprecated policies
• Serverless architecture using ECS Fargate (Spot)

1. Social Media

   • Bluesky
   • Twitter/𝕏 Account

2. GitHub Notifications

   • Enable "Releases Only" notifications

3. AWS SNS Topic

   aws sns subscribe \  --topic-arn arn:aws:sns:eu-west-1:567589703415:mamip-sns-topic \  --protocol email \  --notification-endpoint your-email@example.com

4. RSS Feed

   • Subscribe to theGitHub RSS Feed

Each AWS Managed Policy is automatically validated usingAWS Access Analyzer Policy Validation. Validation findings are stored in thefindings folder.

The repository maintains a list ofdeprecated policies that are no longer actively managed by AWS. Policy validation is only performed on current AWS-managed policies.

The monitoring service runs on ECS Fargate (Spot) with configurable schedules. Current settings can be found in theTerraform configuration.

Special thanks toScott Piper for the original concept. This project extends his idea by:

• Automating the monitoring process
• Adding multiple notification channels
• Implementing policy validation
• Tracking deprecated policies

This project is licensed under the GNU General Public License v3.0 - see theLICENSE file for details.