Secure AWS with IAM built for continuous delivery

Download Your Free ‘Effective IAM for AWS’ EPUB or PDF

About The Author

My name is Stephen Kuenzli and I have built, delivered, and operated applications and infrastructure for more than 20 years. I’ve successfully led several large migrations to AWS and I know how difficult it is to create good IAM security policies for people and applications, verify they work as intended, and continuously deliver changes. (We’re building k9 Security to simplify that.)

In this book, I’ll share insights into the problems at the intersection of AWS IAM, infrastructure code, and continuous delivery that frustrate so many Cloud teams, along with proven solutions to those problems, regardless of which tools you use.

Effective IAM for AWS

Learn how to secure AWS with IAM built for continuous delivery.

The Problem

Effective IAM for Amazon Web Services is for individuals with titles like Cloud, DevOps, Site Reliability, and Cloud Security Engineer or Architect who feel the weight of responsibility to secure AWS deployments and the pain of AWS IAM’s complexity.

The increasing number of IAM identities and quickly changing Cloud deployments make effective identity management even harder.

Frequently having to protect data, implement least privilege access controls, and automate configuration is painful in many organizations. However, this book will help you get the job done. If you struggle to deliver effective AWS security policies or you find yourself staring at an incoherent mess of security policies in many accounts, this book is for you.

And even if these aren’t your direct responsibilities, you will learn how to work with those who have them.

The Solution

This guide will help you understand why it’s hard and how both you and your organization can use IAM well. Additionally, we’ll show how well-architected IAM integrates with and improves AWS network security, auditing, and incident response.

While the AWS IAM documentation tells you what you can do, this guide will show you IAM best practices and how to scale them to all developers.

Learn how to:

  • solve difficult security problems using the best parts of AWS IAM
  • simplify AWS IAM into a set of secure infrastructure code building blocks to deliver changes quickly
  • verify AWS IAM security policies protect resources as intended
  • secure IAM continuously at any scale

This book is a starting point for least privilege and a better understanding of the IAM landscape on AWS. It contains the control loops, processes & culture considerations necessary to enable an organization to secure AWS effectively and repeatedly.

This book will help you understand how to leverage IAM’s best features to secure apps & data continuously. It will help you improve every aspect of the development, review, and delivery process quickly and confidently with better AWS security policies.

We’ll describe what the interfaces of infrastructure code libraries should look like so they are usable by non-experts and composable into delivery pipelines. We’ll point to the best implementations of these ideas.

IAM is HARD. Even AWS fails at it sometimes, in practice or in documentation. One of the best pieces of advice I give to my customers when I’m running AWS Security assessments is to recommend this book as a starting point for least privilege and a better understanding of the IAM landscape on AWS. It contains many examples and schemas that help to get a clear view of how IAM works under the hood, and what you can do to attain best security practices.

Victor Grenu