4 Policies and procedures for secure access

This chapter covers

  • Creating best practices to improve and evaluate your IAM configuration
  • Applying least privilege access control to reduce risk in the event of an attack
  • Evaluating credential expiration times to balance security and convenience
  • Reviewing IAM resources periodically to ensure your configuration is secure

As we saw in chapters 2 and 3, there are multiple ways to do the same thing in IAM. You can grant permissions directly to a user or have them applied through a group. You can write a policy inline on the user, or you can attach a managed policy. The last chapter explained how to do all of these things, but it didn’t explain when to do them. I wish I could say this chapter had the ...

Get AWS Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.