Victor Grenu

IAMTrail was taking 46 minutes to scan 1,500 AWS managed policies. The culprit: spawning 1,500 separate AWS CLI processes. Each one boots Python, loads boto3, makes one HTTP call, then exits.

Now IAMTrail scans hourly instead of every 4 hours. Faster detection, smaller Fargate task (0.25 vCPU / 0.5 GiB). Annual Fargate savings: $9.07. Cost of the Cursor + Claude session to build this: probably more than that. But YOLO. Full breakdown in the blog post. 🔽

Tricky part wasn't the code. It was maintaining byte-level format compatibility with 5 years of git history. One misplaced space would flag every policy as "changed."

All of these changes are available in the email subscription feature. PS: It's free and OpenSource. Please don't tell AWS =) Cheers,

You will be able to follow GuardDuty's new findings, updated findings, new features, and region expansion. All in the same place as AWS Managed Policies changes, AWS Endpoint Updates, and Well-Known AccountID Lookup.

Did you know that AWS publishes SNS notifications when changes occur on Amazon GuardDuty? I've been monitoring and archiving this for 4+ years, and it's now available on IAMTrail.

The third edition of fwd:cloudsec Europe will take place on September 7-8 in London! The CFP has just opened, we're looking forward to your submissions! fwdcloudsec.org/conference/eur…

@theomegabit What is the error message, please?

@zoph The site isn't working for me atm. Tried signing up for the email digest as well, similar issue.

IAMTrail now tracks AWS endpoint changes, sourced directly from the Official botocore AWS repository. It reveals service expansions, new region launches, and new partitions - often before they're officially announced.

Go a little bit out of your depth. And when you don't feel that your feet are quite touching the bottom, you're just about in the right place to do something exciting."

"If you feel safe in the area that you're working in, you're not working in the right area. Always go a little further in the water than you feel you're capable of being in.

Lately, I've realized that I've been working in the AWS space for nearly 10 years.

I've been collecting this data for 4+ years, so the full history is already there. PS: You can also subscribe to these kinds of updates. Enjoy!

Today, I'm happy to share that this feature is finally available, along with a full product rebrand: IAMTrail. I have a ton of ideas for what is coming next for this open-source project, and I hope you will enjoy it and find it useful. Any feedback appreciated. ❤️

- Results of IAM Access Analyzer on these AWS Policies Over the years, AWS Security aficionados, Security Researchers, SaaS Founders, and vendors who rely heavily on these AWS Managed policies have asked to subscribe to specific policies and be notified when changes occur.

Since 2019, I've been tracking every AWS Managed Policy change in a Git repository (MAMIP). In the last few months, I've added: - A Landing Page with search capabilities, stats - Known Account Lookup based on the fwdcloudsec dataset