身份安全创新：我们如何保护云端并帮助您也做到这一点.pdf

《身份安全创新：我们如何保护云端并帮助您也做到这一点.pdf》由会员分享，可在线阅读，更多相关《身份安全创新：我们如何保护云端并帮助您也做到这一点.pdf（112页珍藏版）》请在三个皮匠报告上搜索。

1、 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.S E C 3 4 5Innovation in Identity Security:How we protect the cloud and help you do it tooKristen HaughtSr.Security Engineering Manager,AWS IdentityIlya EpshteynDire

2、ctor,AWS Identity Security&Solutions,AWS IdentityChris SchultzSenior Director,Cloud IAM,Capital One 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.IAM outbound identity federationIAM temporary delegationIAM policy autopilotMore20062011AWS Identity and Access Manager(IAM)Email/pas

3、sword2019-23Data perimeter controlsIAM Access Analyzer:external access,policy checks,generate policies,unused access2017AWS Organizations and Service Control Policies(SCPs)IAM Identity Center20252024Resource Control Policies(RCP)Declarative policiesFrom bookstore login to billions of auth calls2012I

4、AM Roles for EC2 instances 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.201420142015Chris begins his journey with Cloud IAMIlya joins AWS realizes all SAs need to be experts in IAM!Kristen joins Amazon quickly pivots to AWS Security2019Chris advocates for data perimeters coffee

5、 consumption increases!20212024Kristen joins AWS Identity interview loop at re:Invent 2024!re:Invent 2025Lets do a talk on Identity Security!How we ended up hereIlya joins AWS Identity how can you say no to Brigid?2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Agenda Security of

6、the cloud(behind the scenes)Security in the cloud(in practice)Capital One storyNew and recent launches 2025,Amazon Web Services,Inc.or its affiliates.All rights reserved.Every request,every service,every builder depends on identity working correctly and consistentlyIdentity security is the foundatio