A new developer joins your team on Monday. They need SSH access to three servers, permission to deploy to staging, read-only access to production logs, and sudo for a handful of commands. Do you give them full root access and hope for the best? Absolutely not. Here's how to do it right.
34 posts tagged with "Security"
Cloud and infrastructure security
View All TagsMost engineers treat S3 like a hard drive in the cloud — upload files, download files, done. But S3 is actually a full-featured data platform, and misunderstanding it costs companies thousands of dollars every month. Here are 10 things you're probably getting wrong.
AWS IAM — The ONE Service You Must Master First
· 5 min read
You can learn EC2, S3, Lambda, and every other AWS service out there, but if you get IAM wrong, none of it matters. One misconfigured policy and your S3 bucket is on the news. Let's make sure that never happens to you.
Linux File Permissions Explained — Who Can Do What?
· 7 min read
Your deployment script fails at 2 AM with Permission denied. The container can't write to the log directory. A junior developer accidentally made a config file world-writable. Sound familiar? Understanding Linux file permissions is the difference between a secure, working system and a nightmare.