Morioh
Login
Ulices Hermiston

Ulices Hermiston

3 years ago

In this case study we will cover:

How to configure AWS Console to use Github credentials for your organization.
How to map AWS IAM roles to Github teams, i.e. how to implement role-based access control (RBAC).
How to map SSH credentials of your AWS instances to Github teams.
Effectively, this makes Github a “single source of truth” for who has access to the AWS infrastructure used in your organization. Under this scheme, an engineer only has to login into Github once and after that:

They automatically get access to AWS, but only to resources their Github Team allows.
They automatically get auto-expiring SSH credentials to AWS instances, but only to instances with tags that their Github Team specifies and only as a specific OS login (for example, as ops but not root).

#github #ssh #rbac

SSH into your AWS infrastructure using Github for RBAC

gravitational.com

SSH into your AWS infrastructure using Github for RBAC

How do you let your employees access company AWS infrastructure using their Github credentials? How do you restrict parts of your infrastructure to certain Github teams? How do you configure SSH to use Github credentials? This blog post covers it all.

1.50 GEEK