US 11,895,121 B1
Efficient identification and remediation of excessive privileges of identity and access management roles and policies
Samiul Karim, Clarksville, MD (US); Vikas K. Gupta, Clarksville, MD (US); Eric C. Hein, Clarksville, MD (US); Sanjay K. Kunchakarra, Clarksville, MD (US); and Prasad V. Kunchakarra, Clarksville, MD (US)
Assigned to CAPITIS SOLUTIONS INC., Clarksville, MD (US)
Filed by CAPITIS SOLUTIONS INC., Clarksville, MD (US)
Filed on Mar. 20, 2023, as Appl. No. 18/123,618.
Int. Cl. H04L 29/06 (2006.01); H04L 9/40 (2022.01)
CPC H04L 63/105 (2013.01) [H04L 63/104 (2013.01); H04L 63/20 (2013.01)]
20 Claims
 
1. A method for an efficient configuration compliance verification of resources in a large computing environment having a plurality of persona, the method comprising:
deriving a Machine-Readable Role Definition (MRRD) from a description by extracting one of a keyword and a statement from the description, wherein the keyword and the statement is related to at least one of a service action and an access level of an Identity and Access Management (IAM) role, wherein the description is in a natural language comprising a human readable job description;
generating a Role Potential Excessive Service Action List (RPESAL) for the Identity and Access Management (IAM) role by comparing the Machine-Readable Role Definition (MRRD) with Cloud Provider Service Action Access Reference List;
generating a Role Actual Excessive Service Action List (RAESAL) for the Identity and Access Management (IAM) role by comparing the Machine-Readable Role Definition (MRRD); and
continuously tracking and determining at least one of an event and a change to the description and updating the MRRD dynamically when at least one of the event and the change to the description captured in the natural language is determined,
wherein the event comprises one of a first activity related to modifying the description, and a second activity triggered by a polling process to periodically check and verify the modified description to appropriately update the MRRD, RPESAL and RAESAL respectively as needed.