This article by Protego Labs CTO and co-founder Hillel Solow was originally published in The New Stack.
I had something of an epiphany recently about how to look at permissions and roles in serverless applications. Maybe to some of you, this won’t be as “Soylent Green is People” as it was to me. If so, kudos. If not, let me open your eyes.
Let’s start with some housekeeping. IAM (Identity & Access Management) is the idea that actors in a system like a cloud account have a limited set of permissions, and this scopes what they can do.…
Read the full serverless security article on The New Stack.