IAM Pulse Check #18 - Together!

Thinking about what you really need to know about IAM to get the job done

Read Issue on Revue
IAM Pulse Check #18 - Together!

Hey folks,

A lot of great content to share this week – some published on our community site, others found online. If so inclined, I’d appreciate a social share or a reply with what types of recurring content brings the most value.



Top of Mind

I spend a fair amount of time thinking about and talking to people about where IAM fits in the job. Cloud engineering as a whole has become such a vast subject with a number of focus areas and learning paths, that it’s easy to get lost. While it’s great that software delivery has become more of a team sport than ever before, modern cloud architectures also place a lot of responsibility on individuals to learn new things.

I aim to tackle cross-functional responsibilities – personal and technical – through a series of articles looking at AWS IAM through the lens of specific job functions. These aren’t meant to be 101 pieces that describe the basic elements of IAM, rather a selective look at things that really matter. As a function so closely tied to software delivery, I started the series with Software Developers.

Give a read, and be on the lookout for more in the series. I’d be interested in hearing from you too – given your role, what do you think is most important to know about IAM?

IAM a Developer - What Do I Really Need to Know About AWS IAM? | IAM Pulse

As a software developer, you’re constantly in demand… and being demanded to learn new things constantly. AWS IAM is a topic that keeps coming up – but how much should you really learn about it?

From the Community

AWS IAM: Best practices [Part 1] | IAM Pulse

Bhupender Singh from OpsTree wrote another article for the site, this time pointing out a few best practices including group membership, naming conventions, and tags.

AWS ECS IAM Primer | IAM Pulse

Our Cloud IAM Advocate Kyler Middleton kicks off a video series explaining how IAM applies to specific services, starting with AWS ECS.

Cheat Sheet: AWS S3 | IAM Pulse

Kyler also kicked off a cheat sheet series with S3 - going beyond the basics and selecting a few important considerations and controls for practical use.

From the Web

Introducing Stratus Red Team, an Adversary Emulation Tool for the Cloud

Christophe Tafani-Dereeper from DataDog is well known for his in-depth cloud security research. Here he is with a new open source tool to emulate common attack techniques. Excellent work as always.

Testing Infrastructure-as-Code Using Dynamic Tooling – NCC Group Research

One of the key challenges with Infrastructure as Code is a proper testing framework. Static analysis tools only tell you what’s in code, while dynamic analysis tools require a lot of heavy lifting (and privilege). This open source tool from NCC aims to meet in the middle – provide a lightweight local environment to test.

GitHub - jdyke/gcp_iam_update_bot: Tweets when new GCP IAM updates are found

You love to see it – Jason Dyke from the Square security team created a Twitter bot that detects changes to GCP IAM. Follow this and MAMIP from Victor Grenu, and you got yourself a nice pair.

What IAM listening to

"Philly" Joe Jones, Elvin Jones – Together! (1964, Vinyl) - Discogs

When you bring software delivery teams together in concert, you get something special. When you bring drum legends Philly Joe and Elvin together, you get something really special. This is a fantastic (and shockingly affordable) album that also features Hank Mobley, Blue Mitchell, Curtis Fuller, Wynton Kelly, and Paul Chambers. Quality grooves throughout.

Get the IAM Pulse Check Newsletter

We send out a periodic newsletter full of tips & tricks, contributions from the community, commentary on the industry, relevant social posts, and more.

Checkout past issues for a sampling of the goods.