Through identity and access management (IAM), you can assign policies that determine whether users and roles can access particular services. An IAM system is also supposed to uphold the principle of least privilege (POLP), under which roles and users are granted permission to access only certain resources. As a business focuses on keeping IAM secure, some of the issues that arise include experimenting with new forms of technology, building fast and reducing friction across teams.
As the scope and number of IAM objects grow, it may be hard to answer questions such as:
- Are there inline policies?
- Which policies are assigned to groups?
- Can another person assume the role of other principals or users?
As a developer, you can use different approaches to keep the IAM configuration auditable, tidy and right-sized. Automation plays a key role in this case.
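One way to automate the three questions above, as an added example that is not from the original article. It assumes AWS IAM and reads a constructed sample shaped like the output of `aws iam get-account-authorization-details`; the function names are hypothetical.

```python
import json
# Constructed sample shaped like `aws iam get-account-authorization-details`
# output. AWS is an assumption; every name and account id here is made up.
SAMPLE = json.loads("""{
 "UserDetailList": [
  {"UserName": "alice", "UserPolicyList": [{"PolicyName": "adhoc-s3"}]}],
 "GroupDetailList": [
  {"GroupName": "devs", "AttachedManagedPolicies": [{"PolicyName": "ReadOnlyAccess"}]}],
 "RoleDetailList": [
  {"RoleName": "deploy", "RolePolicyList": [{"PolicyName": "inline-deploy"}],
   "AssumeRolePolicyDocument": {"Statement": [
    {"Effect": "Allow", "Action": "sts:AssumeRole",
     "Principal": {"AWS": ["arn:aws:iam::111122223333:user/alice", "*"]}},
    {"Effect": "Deny", "Action": "sts:AssumeRole",
     "Principal": {"AWS": "arn:aws:iam::111122223333:user/bob"}}]}}]
}""")
SOURCES = (("user", "UserDetailList", "UserName", "UserPolicyList"),
           ("group", "GroupDetailList", "GroupName", "GroupPolicyList"),
           ("role", "RoleDetailList", "RoleName", "RolePolicyList"))

def as_list(v):
    return v if isinstance(v, list) else [v]

def inline_policies(d):
    """Question 1: (kind, owner, policy name) for every inline policy."""
    return [(kind, e[name], p["PolicyName"]) for kind, lst, name, key in SOURCES
            for e in d.get(lst, []) for p in e.get(key, [])]

def group_policies(d):
    """Question 2: group -> names of its managed and inline policies."""
    return {g["GroupName"]: sorted(p["PolicyName"] for p in
            g.get("AttachedManagedPolicies", []) + g.get("GroupPolicyList", []))
            for g in d.get("GroupDetailList", [])}

def role_assumers(d):
    """Question 3: role -> principals in Allow statements of its trust policy.
    Conditions are not evaluated, so this is an upper bound."""
    out = {}
    for r in d.get("RoleDetailList", []):
        who = set()
        for s in as_list(r.get("AssumeRolePolicyDocument", {}).get("Statement", [])):
            if s.get("Effect") == "Allow":
                p = s.get("Principal", {})
                p = {"Any": "*"} if p == "*" else p  # bare "*" principal form
                who.update(f"{k}:{v}" for k, vals in p.items() for v in as_list(vals))
        out[r["RoleName"]] = sorted(who)
    return out

def wildcard_trust(d):
    """Roles whose trust policy allows any principal ("*")."""
    return [r for r, w in role_assumers(d).items() if any(x.split(":", 1)[1] == "*" for x in w)]
```

Run against a real export, the same functions give a repeatable report that can be diffed between audits.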
Read more at The Best IAM Practices for DevOps