AWS Least-Privileged Access (LPA)

The AWS Least Privileged Access (LPA) feature within InsightCloudSec collects and presents the actions executed by a given user or role within a given time period. These logged actions are collected and analyzed to provide insights to the customer. This feature is mainly documented in two sections:

Setup, which presents configuration instructions

New Onboarding

As of InsightCloudSec v. 23.4.11, the new universal onboarding experience for AWS accounts uses CloudFormation Templates (CFTs) to automatically provision relevant accounts with the necessary policies and roles. This means it is easiest to perform LPA configuration while onboarding an account/organization. Review AWS Cloud - Onboarding for more information.

Usage, which presents how to view and utilize the data collected within InsightCloudSec

If you are looking for LPA functionality related to Azure, check out the content around Azure LPA Setup.

As always, if you have questions about this feature or any others, reach out us through any of the options identified under Getting Support.