IAM Pulse Check #18 - Together!
Thinking about what you really need to know about IAM to get the job doneRead Issue on Revue
A lot of great content to share this week – some published on our community site, others found online. If so inclined, I’d appreciate a social share or a reply with what types of recurring content brings the most value.
Top of Mind
I spend a fair amount of time thinking about and talking to people about where IAM fits in the job. Cloud engineering as a whole has become such a vast subject with a number of focus areas and learning paths, that it’s easy to get lost. While it’s great that software delivery has become more of a team sport than ever before, modern cloud architectures also place a lot of responsibility on individuals to learn new things.
I aim to tackle cross-functional responsibilities – personal and technical – through a series of articles looking at AWS IAM through the lens of specific job functions. These aren’t meant to be 101 pieces that describe the basic elements of IAM, rather a selective look at things that really matter. As a function so closely tied to software delivery, I started the series with Software Developers.
Give a read, and be on the lookout for more in the series. I’d be interested in hearing from you too – given your role, what do you think is most important to know about IAM?
As a software developer, you’re constantly in demand… and being demanded to learn new things constantly. AWS IAM is a topic that keeps coming up – but how much should you really learn about it?
From the Community
Bhupender Singh from OpsTree wrote another article for the site, this time pointing out a few best practices including group membership, naming conventions, and tags.
Our Cloud IAM Advocate Kyler Middleton kicks off a video series explaining how IAM applies to specific services, starting with AWS ECS.
Kyler also kicked off a cheat sheet series with S3 - going beyond the basics and selecting a few important considerations and controls for practical use.
From the Web
Christophe Tafani-Dereeper from DataDog is well known for his in-depth cloud security research. Here he is with a new open source tool to emulate common attack techniques. Excellent work as always.
One of the key challenges with Infrastructure as Code is a proper testing framework. Static analysis tools only tell you what’s in code, while dynamic analysis tools require a lot of heavy lifting (and privilege). This open source tool from NCC aims to meet in the middle – provide a lightweight local environment to test.
You love to see it – Jason Dyke from the Square security team created a Twitter bot that detects changes to GCP IAM. Follow this and MAMIP from Victor Grenu, and you got yourself a nice pair.
What IAM listening to
When you bring software delivery teams together in concert, you get something special. When you bring drum legends Philly Joe and Elvin together, you get something really special. This is a fantastic (and shockingly affordable) album that also features Hank Mobley, Blue Mitchell, Curtis Fuller, Wynton Kelly, and Paul Chambers. Quality grooves throughout.
Get the IAM Pulse Check Newsletter
We send out a periodic newsletter full of tips & tricks, contributions from the community, commentary on the industry, relevant social posts, and more.
Checkout past issues for a sampling of the goods.