Platform engineering is the discipline of designing and building toolchains and workflows that enable self-service capabilities for software engineering organizations in the cloud-native era.

Platform Engineering

here is an idea if you’re on AWS <https://aws.amazon.com/blogs/security/iam-access-analyzer-makes-it-easier-to-implement-least-privilege-permissions-by-generating-iam-policies-based-on-access-activity/|https://aws.amazon.com/blogs/security/iam-access-analyzer-makes-it-easier-to-impleme[…]missions-by-generating-iam-policies-based-on-access-activity/>

yes, I should’ve mentioned that we’re using AWS. Thanks, I’ll check that out :thumbsup:

Have been using this for multi-account scenarios with success <https://github.com/salesforce/cloudsplaining|https://github.com/salesforce/cloudsplaining><https://github.com/salesforce/cloudsplainingand| and> for the “shift left” side of things, evaluating policy documents in CI with <https://github.com/duo-labs/parliament|https://github.com/duo-labs/parliament>(if it helps!)

Thanks for sharing, <@U03DLU3S474> - I’ll be sure to check those out too :thumbsup:

This reminds me of <https://www.openpolicyagent.org>, which can be integrated into terraform by scanning against the JSON.

looks like another great option, thanks <@U03FPMVFXAN> :thumbsup: