IAM AccessAdvisor takes forever to return (never come back) results | by Teri Radichel | Biting Bugs | October 2023

esteria.white

Just in case anyone is reading this…is something wrong or is this just taking a really long time?

I use AWS AccessAdvisor to see what actions have been taken regarding AWS IAM policies. In one case, the results came back very quickly.

In other cases, results take forever to appear.

Is it because I temporarily assigned the admin role because something wasn’t working and it was somehow cycling through all possible actions?

Shouldn’t it start with the actions that were taken (minimal) and work in the other direction to get to the services used (if that’s what it does)?

I suspect this is the case because the policy that returned more quickly is more restrictive.

It may be necessary to look at actions taken versus actions permitted and start from the smallest set to perform the analysis.

After watching the dial spin for about half an hour, I’m pretty sure it’ll never come back. Maybe something on my network is blocking it, but in that case it should return a proper error message so I know what the problem is….

Update:

Switching to another network, one of the analyzer results finally came back. The other never did. It was for a deleted user. However, the results should still be returned if the user is deleted, right? Because the results are always in the politics-related newspapers…

Follow for updates.

Teri Radichel | © 2nd view laboratory 2023

The best way to support this blog is to subscribe to the broadcast list And type for the stories you love. If you are interested in IANS Decision Support Services so you can schedule security consulting calls with myself and other IANS faculty, please contact us on LinkedIn via the link below. THANKS!

About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
Author
: Cybersecurity for Executives in the Age of Cloud
Presentations
: Presentations by Teri Radichel
Recognition: SANS Difference Makers Award, AWS Security
Leave a comment