access-review
Conduct periodic access reviews and certifications. Implement access governance and recertification workflows. Use when managing access compliance.
Install
npx skillscat add bagelhole/devops-security-agent-skills/access-review Install via the SkillsCat registry.
SKILL.md
Access Review
Implement periodic access review processes.
Review Process
access_review_workflow:
1_extract:
- Pull access data from systems
- Generate access report
2_review:
- Manager certification
- Risk-based prioritization
- Decision documentation
3_action:
- Revoke unnecessary access
- Update exceptions
- Document decisions
4_report:
- Compliance metrics
- Remediation trackingAWS IAM Review
# Generate credential report
aws iam generate-credential-report
aws iam get-credential-report --output text --query Content | base64 -d
# Find inactive users
aws iam list-users | jq -r '.Users[] | select(.PasswordLastUsed < "2024-01-01") | .UserName'
# List unused access keys
aws iam get-access-key-last-used --access-key-id AKIAXXXXXXXXAutomation
def generate_access_report():
users = get_all_users()
report = []
for user in users:
report.append({
'user': user.email,
'roles': user.roles,
'last_login': user.last_login,
'manager': user.manager,
'review_status': 'pending'
})
return reportBest Practices
- Quarterly reviews minimum
- Risk-based frequency
- Manager attestation
- Automated revocation
- Audit trail maintenance
Categories
Install
npx skillscat add bagelhole/devops-security-agent-skills/access-review Install via the SkillsCat registry.