Fique off-line com o app Player FM !
115. What can you do with Permissions Boundaries?
Manage episode 402428720 series 2980070
In this episode, we discuss Permission Boundary policies in AWS IAM. A permissions boundary is an advanced feature in which you set the maximum permissions that an identity-based policy can grant to an IAM entity. When you set a permissions boundary for an entity, the entity can perform only the actions allowed by its identity-based policies and its permissions boundaries. In this episode, we discuss this concept a bit more in detail and we show how it can be used to give freedom to development teams while preventing privilege escalation. We also cover some of the disadvantages that come with using permission boundaries and other things to be aware of. Finally, we will give some practical advice on how to get the best out of Permissions Boundary Policy and get the best out of them.
💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, the AWS consulting partner with lots of experience with AWS, Serverless, and Lambda. If you are looking for a partner that can help you deliver your next Serverless workload successfully, look no further and reach out to us at https://fourTheorem.com In this episode, we mentioned the following resources:
- Episode 112. "What is a Service Control Policy (SCP)?": https://awsbites.com/112-what-is-a-service-control-policy-scp/
- IAM Policy Simulator: https://policysim.aws.amazon.com/home/index.jsp?#roles
- The famous RSA paper that introduces Alice and Bob in the world of cryptography: https://web.williams.edu/Mathematics/lg5/302/RSA.pdf
- A biographical backstory on Alice and Bob: https://urbigenous.net/library/alicebob.html
Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - https://twitter.com/eoins - https://twitter.com/loige
140 episódios
Manage episode 402428720 series 2980070
In this episode, we discuss Permission Boundary policies in AWS IAM. A permissions boundary is an advanced feature in which you set the maximum permissions that an identity-based policy can grant to an IAM entity. When you set a permissions boundary for an entity, the entity can perform only the actions allowed by its identity-based policies and its permissions boundaries. In this episode, we discuss this concept a bit more in detail and we show how it can be used to give freedom to development teams while preventing privilege escalation. We also cover some of the disadvantages that come with using permission boundaries and other things to be aware of. Finally, we will give some practical advice on how to get the best out of Permissions Boundary Policy and get the best out of them.
💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, the AWS consulting partner with lots of experience with AWS, Serverless, and Lambda. If you are looking for a partner that can help you deliver your next Serverless workload successfully, look no further and reach out to us at https://fourTheorem.com In this episode, we mentioned the following resources:
- Episode 112. "What is a Service Control Policy (SCP)?": https://awsbites.com/112-what-is-a-service-control-policy-scp/
- IAM Policy Simulator: https://policysim.aws.amazon.com/home/index.jsp?#roles
- The famous RSA paper that introduces Alice and Bob in the world of cryptography: https://web.williams.edu/Mathematics/lg5/302/RSA.pdf
- A biographical backstory on Alice and Bob: https://urbigenous.net/library/alicebob.html
Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter: - https://twitter.com/eoins - https://twitter.com/loige
140 episódios
Όλα τα επεισόδια
×Bem vindo ao Player FM!
O Player FM procura na web por podcasts de alta qualidade para você curtir agora mesmo. É o melhor app de podcast e funciona no Android, iPhone e web. Inscreva-se para sincronizar as assinaturas entre os dispositivos.