Articles

The principle of least privilege is key when it comes to securing your infrastructure on AWS. For example, an engineer should only be able to control EC2 instances that are in scope for their day-to-day work. But how do you make sure an engineer is only allowed to …

  • Start, stop, and terminate a specific instance?
  • Create, attach, and delete specific volumes?
  • Create, restore, and delete specific snapshots?

As illustrated in the following figure you can restrict access to EC2 instances, EBS volumes, and EBS snapshots by making use of …

Source de l’article sur DZONE