What is access management?

Access management is the process of determining whether a user, or a group of users, should be able to access a given resource, such as a host, a service, or a database. For example, is it okay for a developer to log in to a production application server using SSH, and if so, for how long? If an SRE is attempting to access a database during off-call hours, should they be allowed to do so? If a data engineer has moved to a different team, should they continue to have access to the ETL pipelines’ S3 buckets?

How is access management done today?

Before the proliferation of various infrastructure and data services on the cloud, access management was a relatively simple problem for DevOps and Security teams to solve. VPNs and bastion hosts were (and still are) the preferred mechanisms to cordon off all critical resources at the network level. Users first authenticate with the VPN server, or log on to the bastion host, before they can access any resource on the private network.


A Reference Architecture for Fine-Grained Access Management on the Cloud