cloudtracker icon indicating copy to clipboard operation
cloudtracker copied to clipboard

Published 20 hours ago verified publisher icon duo-labs

Show source of privilege

Open 0xdabbad00 opened this issue 7 years ago • 2 comments

Let's say this tool has told you that a user has some unused privilege. The next thing you'll want to know is why the user has that privilege in the first place, especially if there is potentially a condition or just if this user is a member of many groups and this is due to an attached policy within that group, or if the privilege was granted with wildcards which will make it tougher to grep for. So we should know the source of these privileges.

0xdabbad00 avatar Feb 16 '18 23:02 0xdabbad00

This would be a killer feature that I would love to pitch in on. I imagine it will require quite a bit more bookkeeping when building up the lists of allowed actions. If I were to start working on this, where should I begin to make sure the direction is desirable and no in-flight work is re-done?

jcaxmacher avatar Apr 03 '20 19:04 jcaxmacher

Samesies, I'd like to help

kmcquade avatar Apr 03 '20 19:04 kmcquade