access-review
1
总安装量
1
周安装量
#51904
全站排名
安装命令
npx skills add https://github.com/bagelhole/devops-security-agent-skills --skill access-review
Agent 安装分布
opencode
1
codex
1
claude-code
1
Skill 文档
Access Review
Implement periodic access review processes.
Review Process
access_review_workflow:
1_extract:
- Pull access data from systems
- Generate access report
2_review:
- Manager certification
- Risk-based prioritization
- Decision documentation
3_action:
- Revoke unnecessary access
- Update exceptions
- Document decisions
4_report:
- Compliance metrics
- Remediation tracking
AWS IAM Review
# Generate credential report
aws iam generate-credential-report
aws iam get-credential-report --output text --query Content | base64 -d
# Find inactive users
aws iam list-users | jq -r '.Users[] | select(.PasswordLastUsed < "2024-01-01") | .UserName'
# List unused access keys
aws iam get-access-key-last-used --access-key-id AKIAXXXXXXXX
Automation
def generate_access_report():
users = get_all_users()
report = []
for user in users:
report.append({
'user': user.email,
'roles': user.roles,
'last_login': user.last_login,
'manager': user.manager,
'review_status': 'pending'
})
return report
Best Practices
- Quarterly reviews minimum
- Risk-based frequency
- Manager attestation
- Automated revocation
- Audit trail maintenance