Principle of Least Privilege
When a user or a role is created in Kion, by default, the user can only log in. They do not have permission to view, modify, or create any new resources. This is by design so that you can grant users appropriate privileges at a granular level.
It's a best practice to only provide users with enough access to perform their job. This is called the principle of least privilege (PoLP). For instance, if a user only needs the ability to modify objects in an S3 bucket, don't allow that user to create or delete S3 buckets. This is widely accepted to be an important practice for data security and continuity of operations.
In Cloud Consoles
Kion lets you create and manage objects within cloud providers that allow or deny users to perform certain actions in your cloud provider accounts. Some objects that control user access, such as IAM policies and role definitions, can be defined at very granular levels, so it's important that you understand how to use them safely. Since multiple objects can be applied to the same user or role, we suggest that you break down complex sets of needs into smaller groups of permissions (as a policy or role definition) for easier management across your users.
For instance, if all of your users need access to create, start, stop, and delete EC2 instances in an AWS account, you can create one AWS IAM policy and apply it to all of those users. Then, you can create an additional policy for any users that need more access, like read or write access to S3.
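As an added example (not Kion's documentation or code, and not an official AWS sample), the following Python builds the two policy documents described above, the shared EC2 instance-lifecycle policy and the narrower S3 object-level policy from the earlier example that deliberately omits bucket create/delete, and includes two small checks a reviewer can run before attaching a policy: which actions it actually grants, and whether any statement uses a wildcard action or resource. The account id, region, bucket name, statement Sids and helper names are assumptions chosen for illustration.

```python
import json
from fnmatch import fnmatchcase

# Constructed placeholders (assumptions, not values from the page).
ACCOUNT_ID = "111122223333"
REGION = "us-east-1"
BUCKET = "example-team-data"

# Policy 1: the shared EC2 lifecycle permissions (create, start, stop, delete
# instances). ec2:RunInstances is authorized against several resource types
# (image, subnet, security group, ...), so those ARNs are listed explicitly
# instead of falling back to Resource "*".
EC2_LIFECYCLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "Ec2InstanceLifecycle",
            "Effect": "Allow",
            "Action": [
                "ec2:RunInstances",
                "ec2:StartInstances",
                "ec2:StopInstances",
                "ec2:TerminateInstances",
            ],
            "Resource": [
                f"arn:aws:ec2:{REGION}:{ACCOUNT_ID}:instance/*",
                f"arn:aws:ec2:{REGION}:{ACCOUNT_ID}:network-interface/*",
                f"arn:aws:ec2:{REGION}:{ACCOUNT_ID}:security-group/*",
                f"arn:aws:ec2:{REGION}:{ACCOUNT_ID}:subnet/*",
                f"arn:aws:ec2:{REGION}:{ACCOUNT_ID}:volume/*",
                f"arn:aws:ec2:{REGION}:{ACCOUNT_ID}:key-pair/*",
                f"arn:aws:ec2:{REGION}::image/ami-*",
            ],
        }
    ],
}

# Policy 2: object read/write in one bucket only. There is intentionally no
# s3:CreateBucket or s3:DeleteBucket, matching the least-privilege example.
S3_OBJECT_RW_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "ListOneBucket",
            "Effect": "Allow",
            "Action": ["s3:ListBucket"],
            "Resource": f"arn:aws:s3:::{BUCKET}",
        },
        {
            "Sid": "ObjectReadWrite",
            "Effect": "Allow",
            "Action": ["s3:GetObject", "s3:PutObject"],
            "Resource": f"arn:aws:s3:::{BUCKET}/*",
        },
    ],
}

# The over-broad alternative, kept here only so the lint check has something
# to flag: a service-wide wildcard on every resource.
OVERBROAD_EC2_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "AllOfEc2", "Effect": "Allow", "Action": "ec2:*", "Resource": "*"}
    ],
}


def _as_list(value):
    """IAM accepts a single string or a list for Action/Resource."""
    return [value] if isinstance(value, str) else list(value)


def allows_action(policy, action):
    """True if some Allow statement's Action matches `action`.

    Supports IAM-style '*' wildcards in the policy; Deny statements and
    Condition blocks are deliberately ignored in this simplified check.
    """
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        if any(fnmatchcase(action, pat) for pat in _as_list(stmt["Action"])):
            return True
    return False


def overbroad_statements(policy):
    """Return the Sids of Allow statements that grant a wildcard action
    ('*' or 'service:*') or apply to Resource '*'."""
    findings = []
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action", []))
        resources = _as_list(stmt.get("Resource", []))
        wild_action = any(a == "*" or a.endswith(":*") for a in actions)
        if wild_action or "*" in resources:
            findings.append(stmt.get("Sid", "<no Sid>"))
    return findings


if __name__ == "__main__":
    for name, policy in [("ec2", EC2_LIFECYCLE_POLICY), ("s3", S3_OBJECT_RW_POLICY)]:
        print(f"--- {name}: over-broad statements = {overbroad_statements(policy)}")
        print(json.dumps(policy, indent=2))
    print("s3 policy allows PutObject:", allows_action(S3_OBJECT_RW_POLICY, "s3:PutObject"))
    print("s3 policy allows CreateBucket:", allows_action(S3_OBJECT_RW_POLICY, "s3:CreateBucket"))
```

Running the script prints both policy documents ready to paste into an IAM policy, and shows that the S3 policy grants `s3:PutObject` but not `s3:CreateBucket`. Because the two policies are separate documents, the EC2 one can be attached to every user while the S3 one is attached only to the users who need it, which is the grouping the text recommends.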
- AWS. For more information on using AWS IAM policies and to view sample policies, see What is an IAM Policy? For information about AWS service control policies (SCPs), see What is an AWS Service Control Policy?
- AWS users also have the option to use attribute-based access control enabled through AWS session tags. For more information, see Attribute-Based Access Control via Session Tags.
- Azure. For information on Azure role definitions, see What is an Azure Role Definition?
- Google Cloud. For information on Google Cloud IAM roles, see What is a Google Cloud IAM Role?
In Kion
The principle of least privilege is also best practice within Kion itself. Using permissions schemes, you can control what parts of the application users have access to. Similar to managing access in cloud consoles, we recommend thinking through the various roles within your organization and the minimum amount of permissions they need.
For example, someone in the finance department would likely need permissions to manage funding sources, browse billing sources, and browse global reports. They probably wouldn't need permission to create projects or manage user groups.
For information about using permissions within Kion, see Getting Started with Permissions.