Analyze resource-based policy dependencies across your AWS Organizations accounts

Managing multiple AWS accounts in an organization can get complicated, especially when trying to understand how services and permissions are connected. The Account Assessment for AWS Organizations open-source tool helps simplify this process by giving you a central place to evaluate and manage all your accounts.

Instead of manually reviewing resources across individual accounts, which can take hours, you can now run automated scans from a web-based interface. The tool helps you find things like which accounts are set up as delegated administrators, where identity- or resource-based policies are in use, and which AWS services have trusted access enabled for your organization.

Key Features

• Simple web UI – You can view and troubleshoot scan results directly in the web interface, no command line required.
• Supports 25 AWS services – The tool works with more than 25 AWS services that use trusted access to perform tasks across accounts.
• Three types of scans
  • Resource-based policies
  • Delegated administrator accounts
  • Trusted access enabled services

This tool is useful for anyone who wants to quickly understand the security and management setup of their AWS Organizations environment without digging through each account manually.

Account Assessment for AWS Organizations is available on GitHub.

Must read:

• GitHub CISO on security strategy and collaborating with the open-source community
• Don’t let these open-source cybersecurity tools slip under your radar
• 33 open-source cybersecurity solutions you didn’t know you needed

Subscribe to the Help Net Security ad-free monthly newsletter to stay informed on the essential open-source cybersecurity tools. Subscribe here!