How to Kill an AWS Access Key

Overview

Learn how to eliminate static AWS Access Keys and enhance cloud security in this 25-minute conference talk from BSidesSF 2020. Explore the AWS Security Token Service, SAML, and API Assume Role as Benjamin Hering guides you through his company's journey to implement short-lived credentials. Discover the step-by-step process of setting up an Identity Provider, configuring API integration, and creating IAM policies. Gain insights into AWS Octave, AWS Roles, and Multi-Factor Authentication implementation. Benefit from practical lessons learned and get answers to common questions about transitioning away from static access keys to improve your AWS environment's security posture.

Syllabus

Introduction
AWS Security Token Service
SAML Markup Language
API Assume Roll
Identity Provider
Slides
Setting up the Identity Provider
Copying the Identity Provider
API Integration
Static Access Keys
IAM Policy
AWS Octave
AWS Roles
MFA
Execution Style
Notes
Lessons Learned
Questions

Taught by

Security BSides San Francisco

Reviews

Start your review of How to Kill an AWS Access Key

3000+ Courses from California Community Colleges

Most common

Popular subjects

Popular courses

How to Kill an AWS Access Key

Overview

Syllabus

Taught by

Reviews

3000+ Courses from California Community Colleges

Taught by

Deep Dive with Security: AWS Identity and Access Management (IAM)

Deep Dive with Security: AWS Identity and Access Management (IAM) (Includes Labs)

MFA-ing the Un-MFA-ble - Protecting Auth Systems' Core Secrets

Access Keys Will Kill You Before You Kill the Password

Never Stop Learning.