AWS re:Invent 2016: How to Automate Policy Validation (SEC311)

Опубликовано 1 декабря 2016, 22:01

Managing permissions across a growing number of identities and resources can be time-consuming and complex. Testing, validating, and understanding permissions before and after policy changes are deployed is critical to ensuring that your users and systems have the appropriate level of access. This session walks through the tools that are available to test, validate, and understand the permissions in your account. We demonstrate how to use these tools and how to automate them to continually validate the permissions in your accounts. The tools demonstrated in this session help you answer common questions such as:

*Which users and roles have access to perform powerful actions?
*Which users and roles have access to critical resources such as Amazon S3 buckets?
*Who is able to launch instances in a specific region?