Tools, strategies, and ideas to secure your AWS cloud environment.
AWS IAM Policy Types and How To Use Them
When developing your access control strategy for your cloud environment the goal should be to provide least privilege access while making it easy to audit access across your environment. With so many different options and ways that things could go wrong, it’s important to have a plan for how to organize your access control policies in AWS. Here is the model I use when deciding where to place a particular access control in AWS.
Securing Your Data Lake Using S3 Access Points
IAM policies, Access Control Lists, bucket policies, KMS policies, and just when you thought S3 security couldn’t get any harder AWS introduces a new way to manage access control for your buckets called “access points”. Released at re:Invent 2019, access points are the newest way of managing access to multi-tenant S3 buckets at scale and make it easier to implement fine-grained access control for each application accessing the S3 buckets.