Continuously audit and monitor IAM (Identity and Access Management) configurations and enforce security compliance as code with Panther.
AWS admins manage access to AWS resources in their organization using AWS IAM. IAM provides the ability to create and manage AWS users, groups, and roles, each with its own set of privileges and defined access to specific resources. Use Panther to track changes to your IAM configuration in real time and ensure it meets your business requirements for security and compliance.
Monitoring IAM is critical for understanding the history of access control and detecting suspicious activity. Use Panther's built-in policies for continuous monitoring of IAM resources, or write your own detections in Python to fit your internal business use cases.
Use Cases
Common security use cases for IAM with Panther include:
Check for IAM policies that are too permissive
Ensure MFA protocols are enabled for IAM users
Ensure IAM policy is not assigned directly to a user
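The three checks listed above, written as plain Python. This is an added example, not Panther's built-in policy code: the policy document follows the standard IAM JSON policy format, while the user field names (`PasswordEnabled`, `MfaActive`, `AttachedManagedPolicies`, `InlinePolicies`) and all sample data are assumptions constructed for illustration.

```python
# Added example. Sample resources are constructed; the user field names are
# assumptions for illustration, not Panther's resource schema.

def as_list(value):
    """IAM JSON allows a bare string/object wherever a list is accepted."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def overly_permissive(policy_document):
    """Return the Allow statements that grant all actions on all resources."""
    hits = []
    for stmt in as_list(policy_document.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only restrict access
        if "*" in as_list(stmt.get("Action")) and "*" in as_list(stmt.get("Resource")):
            hits.append(stmt)
    return hits

def user_findings(user):
    """Return compliance findings for one IAM user record."""
    findings = []
    # Narrowed to users who can sign in to the console (assumption of this example).
    if user.get("PasswordEnabled") and not user.get("MfaActive"):
        findings.append("MFA not enabled")
    if user.get("AttachedManagedPolicies") or user.get("InlinePolicies"):
        findings.append("policy assigned directly to user")
    return findings

# Constructed sample input.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "s3:GetObject",
     "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Effect": "Allow", "Action": "*", "Resource": "*"},
]}
SAMPLE_USERS = [
    {"UserName": "alice", "PasswordEnabled": True, "MfaActive": True,
     "AttachedManagedPolicies": [], "InlinePolicies": []},
    {"UserName": "bob", "PasswordEnabled": True, "MfaActive": False,
     "AttachedManagedPolicies": ["ReadOnlyAccess"], "InlinePolicies": []},
]

if __name__ == "__main__":
    print("permissive statements:", len(overly_permissive(SAMPLE_POLICY)))
    for u in SAMPLE_USERS:
        print(u["UserName"], user_findings(u))
```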
How it Works
The integration is simple and fast:
Connect your AWS account to Panther
A baseline scan is performed to identify all existing IAM resources in your account(s)
Built-in detections identify security issues
Alerts will be sent if non-compliant IAM resources exist
Use Panther to search all IAM User, Root User, Policy, Group, and Role resources in an account by name, and view their compliance status, associated policies, and configured remediations. Learn more about using Panther to analyze your AWS logs for security insights.