The Art of Letting Go: Secure Delegation of Permissions in AWS Environments

Explore the intricacies of secure permission delegation in AWS environments through this 34-minute conference talk from BSidesLV. Discover how Service Control Policies (SCPs), IAM permission boundaries, and IAM policies can be leveraged across AWS Organizations to establish robust guardrails, empowering engineering teams to utilize privileged IAM actions without the need for manual approval workflows. Learn about an innovative event-based solution utilizing EventBridge and Lambda for compliance analysis, automated remediation, and notification systems, enhancing visibility without increasing workload. Gain insights into the evolving landscape of cloud service providers and their impact on engineering practices, including the shift from traditional server rooms to cloud infrastructure. Delve into the concept of Infrastructure as Code and its role in creating consistent, scalable environments. Understand the importance of balancing flexibility and security in identity and access management as organizations navigate their cloud journey.