Cloud Entitlements Manager – Automated Remediation of IAM Permissions Risk with Terraform

July 12, 2021 Sam Flaster

CyberArk Cloud Entitlements Manager, our Cloud Infrastructure Entitlements Management (CIEM) solution, now supports the following features:

Automated Remediation in Terraform Deployments

Cloud Entitlements Manager customers and free trial users that use Terraform for IaC (Infrastructure as Code) can now more easily automate remediation of excessive Identity and Access Management (IAM) permissions across AWS, Azure and GCP environments. This additional automation workflow helps organizations defend against the growing risk of attacks by manipulating the 23,000+ IAM permissions that can now be configured across AWS, Azure and GCP.

Cloud Entitlements Manager’s new Terraform providers allow organizations to natively integrate CEM recommendations and remediations into their DevOps pipelines, simplifying management of least privilege access.

This release extends and simplifies Cloud Entitlements Manager’s capabilities for automating remediation of excessive cloud IAM permissions, which were already available via API. IaC tools — Terraform, for example — are accelerating in popularity as organizations increasingly automate processes like building, changing and versioning infrastructure.

This automated approach to reducing the risk of cloud permissions sprawl unlocks notable operational efficiencies for organizations. DevOps teams can use their preferred tools and maintain their velocity in provisioning infrastructure with least privilege recommendations in place, positioning their organizations to safely expand in the cloud.

Terraform provider files are available from the Setup > Integrations tab within the Cloud Entitlements Manager web application.

As with all Cloud Entitlements Manager features, Terraform provider files are available with our 30-Day Free Trial.

For information on this release and all Cloud Entitlements Manager updates, please visit our “What’s New” section on CyberArk Docs.

Previous Article
Reduce Cloud Compliance Risk with Least Privilege
Reduce Cloud Compliance Risk with Least Privilege

Meeting regulatory compliance requirements is one of global organizations’ top challenges as they scale clo...

Next Article
Cryptomining Cloud Attack: Compromise Sensitive Console Access
Cryptomining Cloud Attack: Compromise Sensitive Console Access

Remember how the Ocean’s Eleven crew couldn’t just attack one casino… they had to go for three? Well, the s...