Abstract:

Amazon’s user, role and policy management provides a lot of finegrained control of permissions for their individual services. In general, this is a great thing to ensure that humans and robots only have access to things that they should have access to…and that they can’t accidentally break production.

Unfortunately, the management console makes managing IAMs slightly more complicated than I think it should be: arbitrary limitations on groups per user, complex policy definitions in the form of JSON and the use of ARNs everywhere.

At Mobify, we decided to change the way we deal with this and provide a different way that integrates better with our existing workflows. We decided to manage IAMs in a github repo with some tooling that allows us to create new policies and users as well as update old ones.

Speaker:

Sebastian has discovered his love for Python early on and found ways to use it successfully in various industries. Over the last few years, he's been mainly building things for the web using the Django framework. He's also enthusiastic about Docker and improving life, one container at a time.

Past