AWS re:Inforce 2019: Account Automation and Temporary AWS Credential Service (GRC328)

AWS re:Inforce 2019: Account Automation and Temporary AWS Credential Service (GRC328)

AWS re:Inforce 2019: Account Automation and Temporary AWS Credential Service (GRC328)
Riot Games struggled with providing new AWS accounts and API access that met its security requirements, so it built an account provisioning service to ensure that all accounts are created consistently with the required security controls. Riot also built a credential service where developers can grab temporary API keys with one command. This works wherever the developers work, and the credentials automatically expire each day. Riot now provisions new accounts with security guardrails within an hour, and the number of permanent AWS API keys is reduced by 70 percent. Learn how to build similar services using AWS Organizations, AWS Step Functions, AWS Lambda, Amazon CloudFront, and Amazon API Gateway.

Presenter(s):
– William Green, Riot Games
– Reza Nikoopour, Riot Games

View on YouTube

Sharing is caring!

Comments are closed.