Fine tuning Key and Secret access with Managed Identities - Azure
We want to protect cloud assets by giving processes the "list privilege" possible. This can be done through a combination of identities and access policies . Cloud assets are protected by access policies that describe the operations available to roles and identities. The Access Policies bind identities to permissions. Application and system processes present their identity as part of resource requests and the Access Policies decide if access is granted. Organizations can avoid creating "powerful" identities by creating multiple fine-grained identities, similar to roles. Processes are assigned the minimum combination of identities required to access only the resources they required. The Processes present the right identity when making a resource request. The Access Policies allow access based on the presented identity. The example is implemented in Microsoft Azure. Amazon AWS has similar capabilities. Use Case Virtual machines can need access to ...