Many cloud-focused tools and third-party vendors require access to your organization’s cloud account. Sure, you could open up the flood gates and allow full, administrative access, but do those vendors and tools need that level of access? Most likely, no. In an age of increased supply chain and upstream vendor compromises, we must ensure that we are limiting any and all external access to what is truly needed and nothing more. In this workshop, you will allow a third party vendor (Blue Mountain Cyber) access to your cloud account and, in return, an automated security assessment of your AWS account will be performed. But there’s a twist: To get these results, you must first limit access to ONLY what is needed to perform this audit. Too much or too little access? No report for you!
Learning Objectives:
How to spot overly-permissive user accounts
How to properly establish least privilege using custom policies for IAM users
How to allow third party accounts access to your AWS account with just enough access to perform their tasks
How to add additional conditions prior to successful role assumption from external users
Who Should Attend:
Those brand new to AWS
New to security measures in AWS’ IAM service
Pre-requisite Knowledge:
None.
System Requirements:
A modern web browser, preferably Chrome
AWS account with root access or an IAM user with Administrator Access permissions. If you need an AWS account, you can create a free tier account with root access at https://aws.amazon.com/free/
Ryan Nicholson, SANS Senior Instructor and SEC502 and SEC541 author, brings DoD and cloud security experience to help practitioners detect threats, secure modern environments, and apply defensive strategies that work in real-world operations.
