Chapter 5. Authorization

Authorization means giving someone or something permission to access a resource and/or perform a specific action. With even a small number of resources and requests, it quickly becomes necessary to organize authorization into access policy: the rules and requirements that determine access management—that is, who can access what and under what circumstances. Broadly, access policy is a set of rules that defines how access is permitted.

It sounds like an easy problem to solve: simply create rules based on user roles and resource types, then enforce them! Unfortunately, it’s not so simple. Resources, roles, and policy requirements can all change—and do, all the time—but that’s not even the worst of it. The primary difficulty of designing infrastructure authorization is scaling it, across infrastructure that is heterogeneous, growing in complexity, and always evolving. As sensitive data travels from one infrastructure resource to another, it encounters a patchwork of access policies that don’t always match up. A single misconfigured resource can jeopardize security and compliance requirements across the environment.

Access control policy must be managed by a single source of truth. Just as SSO creates a single source of truth for authentication, the same consolidation must be applied to authorization. In practice this means that all permissions for all computing resources must be stored in one place. It must be possible to provision access automatically. This ...
