How to Kill an AWS Access Key
Offered By: Security BSides San Francisco via YouTube
Course Description
Overview
Learn how to eliminate static AWS Access Keys and enhance cloud security in this 25-minute conference talk from BSidesSF 2020. Explore the AWS Security Token Service, SAML, and API Assume Role as Benjamin Hering guides you through his company's journey to implement short-lived credentials. Discover the step-by-step process of setting up an Identity Provider, configuring API integration, and creating IAM policies. Gain insights into AWS Octave, AWS Roles, and Multi-Factor Authentication implementation. Benefit from practical lessons learned and get answers to common questions about transitioning away from static access keys to improve your AWS environment's security posture.
Syllabus
Introduction
AWS Security Token Service
SAML Markup Language
API Assume Roll
Identity Provider
Slides
Setting up the Identity Provider
Copying the Identity Provider
API Integration
Static Access Keys
IAM Policy
AWS Octave
AWS Roles
MFA
Execution Style
Notes
Lessons Learned
Questions
Taught by
Security BSides San Francisco
Related Courses
Microsoft Azure IdentityMicrosoft via edX Microsoft Azure Authentication Scenarios for Developers
Pluralsight Identity and Access Management on AWS: Users
Pluralsight AWS for Developers: Identity Access Management (IAM)
LinkedIn Learning Azure for Architects: Design an Authentication and Data Security Strategy
LinkedIn Learning