Amazon Web Services (AWS) have a unique security concept called “assume role”. This concept is interesting from many points:
- technical (large scale stateless systems with HTTP signing, grouping and keeping permissions restricted)
- business (offload error-sensitive security functionality to battle-tested infrastructure, depending on pay-on-demand instead of pay-upfront resources)
- learning (differences when systems grow, the analogy to offline work)
This article is a written version of my presentation for those who did not attend VilniusPHP (slides, video), or ŠiauliaiPHP (slides, video), or Lithuanian is not your main language. Originally posted as “How AWS handles security”
Why should I care about AWS Security?
AWS has big clients that rely on…