Federating AWS CLI
Offered By: YouTube
Course Description
Overview
Learn about federating AWS CLI access in this 24-minute conference talk from BSides San Francisco 2015. Explore the challenges of secure credential management and discover solutions using credential services, SAML, LDAP, and Shibboleth. Examine the implementation of AWS Security Token Service (STS) and the Aeris system. Discuss known issues, potential problems, and future improvements for federated AWS CLI access. Gain insights into enhancing security and streamlining authentication processes for AWS command-line operations.
Syllabus
Intro
Introductions!
Agenda
Why are we doing this?
Media examples
Or maybe something like this?
How can we fix this?
If only there was a credential service!?
Now we need a middleman that can talk SAML and LDAP...
Shibboleth
Knowns, Unknowns, Success Factors
AWS STS what?
How do we do this? Thought process...
Aeris (high level)
Wait... 1 hour creds right?
Process diagram
Issues: Documentation • Session token use was not documented
Issues: Bugs • Boo's STS library was hardcoded with AnonFalse 10U'RE WELCOME
Potential future problems (cont.)
Pre-release Improvements
Future Improvements
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube