We're all familiar with the principle of least privilege, but... how easy is it to apply in the cloud? We'll walk you through several AWS IAM case studies, demonstrating just how complex achieving it can be and what the consequences might be.
Originally created for a Sh3llcon 2024 talk. [Slides]
Updated for the AWS UG VLC Meetup with a new case. [Slides]
To see the resources that will be created for each case, check the USAGE.md file under the docs/ folder.
- An AWS account: you will need an AWS account to deploy the demo resources. All resources are included in the free tier if you don't abuse the requests.
- Each case stores its tfstate in an S3 bucket. To create that tfstates bucket, deploy it using:

  ```
  cd bootstrap/
  make plan
  make apply
  ```