115. What can you do with Permissions Boundaries?
AWS Bites, 23 February 2024

In this episode, we discuss permissions boundary policies in AWS IAM. A permissions boundary is an advanced feature in which you set the maximum permissions that an identity-based policy can grant to an IAM entity. When you set a permissions boundary for an entity, the entity can perform only the actions allowed by both its identity-based policies and its permissions boundaries. We discuss this concept in a bit more detail and show how it can be used to give freedom to development teams while preventing privilege escalation. We also cover some of the disadvantages that come with using permissions boundaries and other things to be aware of. Finally, we give some practical advice on how to get the best out of permissions boundary policies.


💰 SPONSORS 💰 AWS Bites is brought to you by fourTheorem, the AWS consulting partner with lots of experience with AWS, Serverless, and Lambda. If you are looking for a partner that can help you deliver your next Serverless workload successfully, look no further and reach out to us at https://fourTheorem.com

In this episode, we mentioned the following resources:


Do you have any AWS questions you would like us to address? Leave a comment here or connect with us on X, formerly Twitter:
- https://twitter.com/eoins
- https://twitter.com/loige

Episodes (157)

137. Transit Gateway Explained

In this episode, David Lynam provides an overview of AWS Transit Gateway, which aims to simplify complex network connectivity between VPCs, VPNs, and on-premises networks. We discuss the limitations o...

13 December 2024, 18 min

136. 20 Amazing New AWS Features

In this pre-re:Invent 2024 episode, Luciano and Eoin discuss some of their favorite recent AWS announcements, including improvements to AWS Step Functions, Lambda runtime updates, DynamoDB price reduc...

29 November 2024, 17 min

135. Serverless is making a comeback where you least expect it

In this episode, we discuss the pros and cons of using serverless architecture in enterprise companies. We cover topics like cost, complexity, security, ability to evolve architecture, and more. Overa...

15 November 2024, 21 min

134. Eliminate the IAM User

In this episode, we discuss why IAM users and long-lived credentials are dangerous and should be avoided. We share war stories of compromised credentials and overprivileged access. We then explore sol...

1 November 2024, 28 min

133. Building Businesses in the Cloud with Fiona McKenna

In this special episode of AWS Bites, Eoin is joined by Fiona McKenna, co-founder and CFO of fourTheorem, to discuss startup advice, hiring and growing teams, creating an environment for success, an...

17 October 2024, 28 min

132. GitHub Action Runners on AWS

In this episode, we provided an overview of GitHub Action Runners and discussed the benefits of using self-hosted runners on AWS. We covered options including EC2 and CodeBuild for running GitHub Acti...

3 October 2024, 24 min

131. What do you do about CloudFormation Drift?

In this episode, we discuss the concept of CloudFormation drift, what causes it, how to detect it, and strategies for resolving it. We explain that drift happens when the actual state of resources div...

19 September 2024, 19 min

130. Growing in Tech with Farrah Campbell

In this episode, we had the pleasure to interview Farrah Campbell, head of modern compute community at AWS, prolific speaker, and former AWS Hero. We discussed Farrah's career journey from healthcare ...

5 September 2024, 29 min