site-logo

JAWS PANKRATION 2024

site-logo
HomeNewsTimetableCfPCommitteePromotionFollow UpPrivacy Policy

Anti-patterns from security best practices in AWS Identity and Access Management (AWS IAM)

Lv300

Lv300

8/24/2024 15:00 (UTC)

Session Info

There are many things to consider with AWS Identity and Access Management (AWS IAM) alone, such as an increase in the number of users, operational errors caused by giving too many privileges, and information leaks due to authentication information leaks.

Therefore, this time, I would like to start with AWS IAM security best practices, consider what security risks there are if you do not follow best practices, and organize anti-patterns.

Hayato  Tan

Hayato Tan

- AWS Community Builders -

- AWS Top Engineers(APN) -

- AWS Ambassadors(APN) -

- AWS All Certified Engineers(APN) -



Session Category
Security
Identity and compliance


AWS Services
AWS Identity and Access Management (AWS IAM)

Session Materials


Session Summary (by Amazon Bedrock)
    The speaker discusses AWS IAM security practices and anti-patterns. They begin by introducing themselves as Sunhayato, a system integrator in Tokyo and an AWS Ambassador and Community Builder. The talk focuses on AWS IAM security best practices and anti-patterns, not covering specific AWS services or AWS re:Invent 2024. Key terms are explained, including root user, AWS managed policies, customer managed policies, and inline policies. The speaker highlights the challenges of managing permissions, such as overprivileging, underprivileging, and credential leaks. They then discuss 14 AWS IAM security best practices from official documentation, including using MFA and following root user credential protection guidelines. The presentation explores cases where these best practices are not applied, such as regularly using the root user, creating root user access keys, or not applying MFA. Similar cases are grouped together, resulting in six main anti-patterns in AWS IAM security. The speaker emphasizes the importance of avoiding these anti-patterns and briefly mentions the risks associated with not following best practices. They provide references to official AWS documentation on IAM security best practices and root user best practices. Finally, the speaker promotes their involvement in the AWS community, mentioning platforms where they publish content, including Dev.to and the newly launched Community.AWS. Overall, the presentation aims to educate listeners on AWS IAM security best practices and common anti-patterns to avoid, encouraging better security practices in AWS environments.

©JAWS-UG (AWS User Group - Japan). All rights reserved.