Identities in a modern enterprise public cloud deployment are numerous and critical to securing your data. Non-human identities - like servers, VMs, serverless functions, applications, etc. - are being created at a rapid pace, sometimes by services without a person ever involved.
AWS has given us tools to help govern access, but rapid innovation breeds complexity. Governance requires a new approach that meets this reality of ephemeral compute and complex webs of permission combinations.
This is the second in a multi-part series on nonhuman identities. This session focuses on AWS but touches elements of multicloud management as well. We'll discuss:
-Recap of what non-human identities are
-Examples of AWS-specific risks
-Best practices for managing them
-Immediate steps anyone can take today to secure the identities