Overview
Learn how to eliminate static AWS Access Keys and enhance cloud security in this 25-minute conference talk from BSidesSF 2020. Explore the AWS Security Token Service, SAML, and API Assume Role as Benjamin Hering guides you through his company's journey to implement short-lived credentials. Discover the step-by-step process of setting up an Identity Provider, configuring API integration, and creating IAM policies. Gain insights into AWS Octave, AWS Roles, and Multi-Factor Authentication implementation. Benefit from practical lessons learned and get answers to common questions about transitioning away from static access keys to improve your AWS environment's security posture.
Syllabus
Introduction
AWS Security Token Service
SAML Markup Language
API Assume Role
Identity Provider
Slides
Setting up the Identity Provider
Copying the Identity Provider
API Integration
Static Access Keys
IAM Policy
AWS Octave
AWS Roles
MFA
Execution Style
Notes
Lessons Learned
Questions
Taught by
Security BSides San Francisco