You want to know the scope of what CloudFix can perform in your AWS environment and the permissions required for it.
- CloudFix integrates into your existing security infrastructure, using Identity Access Management (IAM) roles in AWS. Below is the information related to the same:
- IAM roles have administrative permissions that you can see here in our IAM policy. This policy defines what the IAM role can and cannot do within your environment.
- CloudFix installs two IAM roles - one for our Finder and one for our Fixer. IAM roles are similar to IAM user accounts that you may already use.
- IAM roles do not have any long-term credentials, passwords, or access keys. or permissions. Instead, access keys are created dynamically and provided to the role temporarily
- The What's in the CloudFix CloudFormation Template? article provides more information related to various available Templates that CloudFix provides.