<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>IAM policies &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/iam-policies/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Mon, 21 Jul 2025 23:13:43 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>Beyond IAM access keys: Modern authentication approaches for AWS</title>
		<link>https://noise.getoto.net/2025/07/22/beyond-iam-access-keys-modern-authentication-approaches-for-aws/</link>
		
		<dc:creator><![CDATA[Mitch Beaumont]]></dc:creator>
		<pubDate>Mon, 21 Jul 2025 23:13:43 +0000</pubDate>
				<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS Identity and Access Management]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[Best practices]]></category>
		<category><![CDATA[devops]]></category>
		<category><![CDATA[DevSecOps]]></category>
		<category><![CDATA[IAM]]></category>
		<category><![CDATA[IAM policies]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=e4ee7dfa2608bf03d7bf24667b2d8ec4</guid>

					<description><![CDATA[When it comes to AWS authentication, relying on long-term credentials, such as AWS Identity and Access Management (IAM) access keys, introduces unnecessary risks; including potential credential exposure, unauthorized sharing, or theft. In this post, I present five common use cases where AWS customers traditionally use IAM access keys and present more secure alternatives that you […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Use AWS service reference information to automate policy management workflows</title>
		<link>https://noise.getoto.net/2025/03/24/use-aws-service-reference-information-to-automate-policy-management-workflows/</link>
		
		<dc:creator><![CDATA[Ramesh Rajan]]></dc:creator>
		<pubDate>Mon, 24 Mar 2025 16:03:17 +0000</pubDate>
				<category><![CDATA[Advanced (300)]]></category>
		<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS IAM Access Analyzer]]></category>
		<category><![CDATA[AWS IAM policies]]></category>
		<category><![CDATA[AWS Identity and Access Management]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[Best practices]]></category>
		<category><![CDATA[IAM]]></category>
		<category><![CDATA[IAM Access Analyzer]]></category>
		<category><![CDATA[IAM policies]]></category>
		<category><![CDATA[least privilege]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=5b8657de13178c1445a7c667f74b5b75</guid>

					<description><![CDATA[Amazon Web Services (AWS) provides service reference information in JSON format to help you automate policy management workflows. With the service reference information, you can access available actions across AWS services from machine-readable files. The service reference information helps to address a key customer need: keeping up with the ever-growing list of services and actions […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Four ways to grant cross-account access in AWS</title>
		<link>https://noise.getoto.net/2025/02/24/four-ways-to-grant-cross-account-access-in-aws/</link>
		
		<dc:creator><![CDATA[Anshu Bathla]]></dc:creator>
		<pubDate>Mon, 24 Feb 2025 20:01:05 +0000</pubDate>
				<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS IAM policies]]></category>
		<category><![CDATA[AWS Identity and Access Management]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[Best practices]]></category>
		<category><![CDATA[IAM]]></category>
		<category><![CDATA[IAM policies]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[least privilege]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[Technical How-to]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=d82532a151928554776de736af601f0f</guid>

					<description><![CDATA[As your Amazon Web Services (AWS) environment grows, you might develop a need to grant cross-account access to resources. This could be for various reasons, such as enabling centralized operations across multiple AWS accounts, sharing resources across teams or projects within your organization, or integrating with third-party services. However, granting cross-account access requires careful consideration […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>How to implement IAM policy checks with Visual Studio Code and IAM Access Analyzer</title>
		<link>https://noise.getoto.net/2025/01/14/how-to-implement-iam-policy-checks-with-visual-studio-code-and-iam-access-analyzer/</link>
		
		<dc:creator><![CDATA[Anshu Bathla]]></dc:creator>
		<pubDate>Tue, 14 Jan 2025 17:02:04 +0000</pubDate>
				<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS IAM Access Analyzer]]></category>
		<category><![CDATA[AWS IAM policies]]></category>
		<category><![CDATA[AWS Identity and Access Management]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[IAM]]></category>
		<category><![CDATA[IAM Access Analyzer]]></category>
		<category><![CDATA[IAM policies]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[least privilege]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=e65bb63588f35d018d106aeaff490e5c</guid>

					<description><![CDATA[In a previous blog post, we introduced the IAM Access Analyzer custom policy check feature, which allows you to validate your policies against custom rules. Now we’re taking a step further and bringing these policy checks directly into your development environment with the AWS Toolkit for Visual Studio Code (VS Code). In this blog post, […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Customize the scope of IAM Access Analyzer unused access analysis</title>
		<link>https://noise.getoto.net/2025/01/08/customize-the-scope-of-iam-access-analyzer-unused-access-analysis/</link>
		
		<dc:creator><![CDATA[Stéphanie Mbappe]]></dc:creator>
		<pubDate>Wed, 08 Jan 2025 17:35:14 +0000</pubDate>
				<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS IAM Access Analyzer]]></category>
		<category><![CDATA[AWS IAM policies]]></category>
		<category><![CDATA[AWS Identity and Access Management]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[IAM]]></category>
		<category><![CDATA[IAM Access Analyzer]]></category>
		<category><![CDATA[IAM policies]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[least privilege]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=48e65569ea7a4ab0d9f412e9d81950b1</guid>

					<description><![CDATA[AWS Identity and Access Management Access Analyzer simplifies inspecting unused access to guide you towards least privilege. You can use unused access findings to identify over-permissive access granted to AWS Identity and Access Management (IAM) roles and users in your accounts or organization. From a delegated administrator account for IAM Access Analyzer, you can use the dashboard […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Refine unused access using IAM Access Analyzer recommendations</title>
		<link>https://noise.getoto.net/2024/09/18/refine-unused-access-using-iam-access-analyzer-recommendations/</link>
		
		<dc:creator><![CDATA[Stéphanie Mbappe]]></dc:creator>
		<pubDate>Wed, 18 Sep 2024 19:09:34 +0000</pubDate>
				<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS IAM Access Analyzer]]></category>
		<category><![CDATA[AWS IAM policies]]></category>
		<category><![CDATA[AWS Identity and Access Management]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[IAM Access Analyzer]]></category>
		<category><![CDATA[IAM policies]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[least privilege]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[Technical How-to]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=4648a7ca3a0b47cddf98049ce4b7af27</guid>

					<description><![CDATA[As a security team lead, your goal is to manage security for your organization at scale and ensure that your team follows AWS Identity and Access Management (IAM) security best practices, such as the principle of least privilege. As your developers build on AWS, you need visibility across your organization to make sure that teams […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>IAM Access Analyzer simplifies inspection of unused access in your organization</title>
		<link>https://noise.getoto.net/2023/12/04/iam-access-analyzer-simplifies-inspection-of-unused-access-in-your-organization/</link>
		
		<dc:creator><![CDATA[Achraf Moussadek-Kabdani]]></dc:creator>
		<pubDate>Mon, 04 Dec 2023 20:24:46 +0000</pubDate>
				<category><![CDATA[announcements]]></category>
		<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS Identity and Access Management]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[IAM]]></category>
		<category><![CDATA[IAM Access Analyzer]]></category>
		<category><![CDATA[IAM policies]]></category>
		<category><![CDATA[Identity and Access Management]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[Technical How-to]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=80cd8e366ec2c959b45d46d0f9b1ddce</guid>

					<description><![CDATA[AWS Identity and Access Management (IAM) Access Analyzer offers tools that help you set, verify, and refine permissions. You can use IAM Access Analyzer external access findings to continuously monitor your AWS Organizations organization and Amazon Web Services (AWS) accounts for public and cross-account access to your resources, and verify that only intended external access […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Introducing IAM Access Analyzer custom policy checks</title>
		<link>https://noise.getoto.net/2023/11/27/introducing-iam-access-analyzer-custom-policy-checks/</link>
		
		<dc:creator><![CDATA[Mitch Beaumont]]></dc:creator>
		<pubDate>Mon, 27 Nov 2023 14:00:04 +0000</pubDate>
				<category><![CDATA[Advanced (300)]]></category>
		<category><![CDATA[announcements]]></category>
		<category><![CDATA[Automated reasoning]]></category>
		<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS Identity and Access Management]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[devops]]></category>
		<category><![CDATA[DevSecOps]]></category>
		<category><![CDATA[IAM]]></category>
		<category><![CDATA[IAM Access Analyzer]]></category>
		<category><![CDATA[IAM policies]]></category>
		<category><![CDATA[Identity and Access Management]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[Technical How-to]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=54c32ffaf84455d5492a7febba6ffcf3</guid>

					<description><![CDATA[AWS Identity and Access Management (IAM) Access Analyzer was launched in late 2019. Access Analyzer guides customers toward least-privilege permissions across Amazon Web Services (AWS) by using analysis techniques, such as automated reasoning, to make it simpler for customers to set, verify, and refine IAM permissions. Today, we are excited to announce the general availability […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Use scalable controls for AWS services accessing your resources</title>
		<link>https://noise.getoto.net/2023/11/16/use-scalable-controls-for-aws-services-accessing-your-resources/</link>
		
		<dc:creator><![CDATA[James Greenwood]]></dc:creator>
		<pubDate>Thu, 16 Nov 2023 20:02:17 +0000</pubDate>
				<category><![CDATA[AWS Organizations]]></category>
		<category><![CDATA[Best practices]]></category>
		<category><![CDATA[IAM Condition Keys]]></category>
		<category><![CDATA[IAM policies]]></category>
		<category><![CDATA[Identity and Access Management]]></category>
		<category><![CDATA[Intermediate (200)]]></category>
		<category><![CDATA[New Launch]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=f73b4764ee46b3d05f8bc7dde59da1b6</guid>

					<description><![CDATA[Sometimes you want to configure an AWS service to access your resource in another service. For example, you can configure AWS CloudTrail, a service that monitors account activity across your AWS infrastructure, to write log data to your bucket in Amazon Simple Storage Service (Amazon S3). When you do this, you want assurance that the service […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>How to control access to AWS resources based on AWS account, OU, or organization</title>
		<link>https://noise.getoto.net/2022/04/27/how-to-control-access-to-aws-resources-based-on-aws-account-ou-or-organization/</link>
		
		<dc:creator><![CDATA[Rishi Mehrotra]]></dc:creator>
		<pubDate>Wed, 27 Apr 2022 17:54:12 +0000</pubDate>
				<category><![CDATA[Advanced (300)]]></category>
		<category><![CDATA[AWS Organizations]]></category>
		<category><![CDATA[IAM Condition Keys]]></category>
		<category><![CDATA[IAM policies]]></category>
		<category><![CDATA[Identity and Access Management]]></category>
		<category><![CDATA[New Launch]]></category>
		<category><![CDATA[security]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=5ab36db61cdd2f763a6d95484edb869f</guid>

					<description><![CDATA[AWS Identity and Access Management (IAM) recently launched new condition keys to make it simpler to control access to your resources along your Amazon Web Services (AWS) organizational boundaries. AWS recommends that you set up multiple accounts as your workloads grow, and you can use multiple AWS accounts to isolate workloads or applications that have […]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Techniques for writing least privilege IAM policies</title>
		<link>https://noise.getoto.net/2020/12/02/techniques-for-writing-least-privilege-iam-policies/</link>
		
		<dc:creator><![CDATA[Ben Potter]]></dc:creator>
		<pubDate>Wed, 02 Dec 2020 18:01:31 +0000</pubDate>
				<category><![CDATA[Advanced (300)]]></category>
		<category><![CDATA[AWS IAM]]></category>
		<category><![CDATA[AWS Identity and Access Management (IAM)]]></category>
		<category><![CDATA[AWS Well-Architected]]></category>
		<category><![CDATA[Best practices]]></category>
		<category><![CDATA[IAM policies]]></category>
		<category><![CDATA[least privilege]]></category>
		<category><![CDATA[Security Blog]]></category>
		<category><![CDATA[Security, Identity & Compliance]]></category>
		<category><![CDATA[well architected]]></category>
		<guid isPermaLink="false">http://noise.getoto.net/?guid=bbc6ca1ca98e2a6f1ff59ce7f228443e</guid>

					<description><![CDATA[In this post, I&#8217;m going to share two techniques I&#8217;ve used to write least privilege AWS Identity and Access Management (IAM) policies. If you&#8217;re not familiar with IAM policy structure, I highly recommend you read understanding how IAM works and policies and permissions. Least privilege is a principle of granting only the permissions required to [&#8230;]]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 37/237 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-10 19:52:13 by W3 Total Cache
-->