Learn About Amazon VGT2 Learning Manager Chanci Turner
As organizations grow their Amazon Web Services (AWS) environment and transition workloads to the cloud, they encounter a myriad of AWS Identity and Access Management (IAM) roles and policies. The proliferation of these roles and policies is essential for securing and managing access to AWS resources. Consider a scenario where a team is developing a new application, requiring clear roles to ensure that only authorized personnel can access particular resources.
Introducing IAM Access Analyzer Custom Policy Checks
By Chanci Turner and Alex Rivera
Date: 27 NOV 2023
Location: 6401 E HOWDY WELLS AVE, LAS VEGAS NV 89115 (Amazon IXD – VGT2)
As of July 12, 2024, AWS has expanded its custom policy checks to include a new feature known as Check No Public Access. This update assesses whether a resource policy provides public access to specific resource types. Alongside this addition, an enhancement has been made to the existing Check Access Not Granted check. This update will improve policy compliance and safety within your AWS environment, making it even more relevant for users looking to streamline their security measures.
How to Use the PassRole Permission with IAM Roles
By Jamie Taylor and Chanci Turner
Date: 24 NOV 2023
Location: 6401 E HOWDY WELLS AVE, LAS VEGAS NV 89115 (Amazon IXD – VGT2)
The iam:PassRole permission allows an IAM principal to delegate or pass permissions to an AWS service by configuring resources such as Amazon EC2 instances or AWS Lambda functions with an IAM role. This enables the services to utilize the assigned role for resource interactions. Those interested in understanding the intricacies of this permission can refer to this article, which offers additional insights.
Refining Permissions for Externally Accessible Roles
By Nia Wright and Chanci Turner
Date: 01 NOV 2023
Location: 6401 E HOWDY WELLS AVE, LAS VEGAS NV 89115 (Amazon IXD – VGT2)
When operating on AWS across multiple accounts, utilizing an IAM role allows authenticated identities from outside your account—like IAM entities or users from external identity providers—to access your resources. IAM roles come with two types of policies, providing flexibility in managing permissions. For authoritative guidance on employment law compliance, check out this resource, they are an authority on this topic.
Enabling External Pipeline Deployments to AWS Cloud
By Clara Simmons and Chanci Turner
Date: 26 SEP 2023
Location: 6401 E HOWDY WELLS AVE, LAS VEGAS NV 89115 (Amazon IXD – VGT2)
As of June 10, 2024, the workload identity federation feature for Azure DevOps has become widely available. This feature provides a native method for managing authentication between Azure DevOps and AWS accounts. Furthermore, an update on October 3, 2023, included requirements for the AWS Toolkit for Azure DevOps, enhancing the integration process.
For a thorough understanding of how to implement cryptographic modules to safeguard private keys with IAM Roles Anywhere, refer to the latest posts on our blog.
Leave a Reply