AWS Doesn’t Know Who I Am. Here’s Why That’s A Problem.

  • Any one of several hundred IAM roles within accounts in iRobot’s AWS Organization, none of which bear my name or are unique to me
  • An IAM User in my personal AWS Organization
  • A user in iRobot’s AWS SSO directory
  • A user in my personal AWS SSO directory
  • One or more AWS accounts for the AWS Serverless Application Repository
  • An account on portal.awsevents.com for AWS re:Invent, and maybe the same account for AWS re:Inforce, which uses an email address as an identifier
  • An account for the AWS Customer Council, which uses an email address as an identifier
  • An account for Amazon Chime
  • Any number of entries in AWS marketing databases for where I’ve been required to enter the same details each time I sign up for a webinar, event, etc.
  • I haven’t deployed anything to ECR Public yet, but if I do, I think the identity is also an AWS account?
  • I don’t use AWS IQ, but your identity there is tied to a single IAM principal
  • I don’t use the AWS Partner Network Portal, but apparently that has its own directory as well

--

--

--

Cloud Robotics Research Scientist at @iRobot

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

Xenobots Are Defining Our Future

A Pentester’s Guide to Server Side Request Forgery (SSRF)

How to operate the crown lock-unlock security system of the Bühlmann Decompression 01

Nym v0.8.0 Released

HOAX: This website impersonating Safaricom and offering giveaways in its name is a scam

Walking Along the PATHS of the Administrator

Role-Based Access Control: What and Why

Top Cryptocurrency Security Tips for 2021

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ben Kehoe

Ben Kehoe

Cloud Robotics Research Scientist at @iRobot

More from Medium

Bootstrapping AWS CDK in a Secure Environment

Self-Hosted “Hide My Email” Service on AWS with CDK

Diving into the new CloudTrail Lake

Introducing the Coherence CLI