AWS Least-Privileged Access (LPA)
An overview of the AWS LPA feature
The AWS Least Privileged Access (LPA) feature within InsightCloudSec collects and presents the actions executed by a given user or role within a given time period. These logged actions are collected and analyzed to provide insights to the customer. This feature is mainly documented in two sections:
- Setup, which presents configuration instructions
As of InsightCloudSec v. 23.4.11, the new universal onboarding experience for AWS accounts uses CloudFormation Templates (CFTs) to automatically provision relevant accounts with the necessary policies and roles. This means it is easiest to perform LPA configuration while onboarding an account/organization. Review AWS Cloud - Onboarding for more information.
- Usage, which presents how to view and utilize the data collected within InsightCloudSec
Note: If you are looking for LPA functionality related to Azure, check out the content around Azure LPA Setup. As always, if you have questions about this feature or any others, reach out us through any of the options identified under Getting Support.
Updated about 2 months ago