Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Federating AWS CLI

via YouTube

Overview

Learn about federating AWS CLI access in this 24-minute conference talk from BSides San Francisco 2015. Explore the challenges of secure credential management and discover solutions using credential services, SAML, LDAP, and Shibboleth. Examine the implementation of AWS Security Token Service (STS) and the Aeris system. Discuss known issues, potential problems, and future improvements for federated AWS CLI access. Gain insights into enhancing security and streamlining authentication processes for AWS command-line operations.

Syllabus

Intro
Introductions!
Agenda
Why are we doing this?
Media examples
Or maybe something like this?
How can we fix this?
If only there was a credential service!?
Now we need a middleman that can talk SAML and LDAP...
Shibboleth
Knowns, Unknowns, Success Factors
AWS STS what?
How do we do this? Thought process...
Aeris (high level)
Wait... 1 hour creds right?
Process diagram
Issues: Documentation • Session token use was not documented
Issues: Bugs • Boo's STS library was hardcoded with AnonFalse 10U'RE WELCOME
Potential future problems (cont.)
Pre-release Improvements
Future Improvements

Reviews

Start your review of Federating AWS CLI

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.