Technology practitioners are in common agreement that the “Principle of Least Privilege” is a good thing. This consensus is certainly nice, but what does the phrase mean precisely? Even more importantly, how can we talk about the “least privilege” without fluency in the language of privilege itself?
On AWS, that language is called the Identity and Access Management (IAM) JSON Policy Language, or IAM Policy Language for short. As a provider of Managed and Professional Services for customers using AWS, we’ve seen many examples of AWS IAM policies in the wild that indicate a difficulty speaking this cloud-native tongue.
And it’s no surprise- as a recent SANS Institute paper on Multicloud Security put it, “IAM is hard, and everywhere.” Join us for a rapid-fire IAM Policy Language session. We’ll review the fundamentals of IAM and cover a number of IAM Policies that you can use to enable secure access to your AWS environment.