Principle of Least Privilege

Follow

Principle of Least Privilege

When a user or a role is created in Kion, by default, the user can only login. They do not have permission to view, modify, or create any new resources. This is by design so that you can grant users appropriate privileges at a granular level.

It's a best practice to only provide users with enough access to perform their job. This is called the principle of least privilege (PoLP). For instance, if a user only needs the ability to modify objects in an S3 bucket, don't allow that user to create or delete S3 buckets. This is widely accepted to be an important practice for data security and continuity of operations.

In Cloud Consoles

Kion lets you create and manage objects within cloud providers that allow or deny users to perform certain actions in your cloud provider accounts. Some objects that control user access, such as IAM policies and role definitions, can be defined at very granular levels, so it's important that you understand how to use them safely. Since multiple objects can be applied to the same user or role, we suggest that you break down complex sets of needs into smaller groups of permissions (as a policy or role definition) for easier management across your users.

For instance, if all of your users need access to create, start, stop, and delete EC2 instances in an AWS account, you can create one AWS IAM policy and apply it to all of those users. Then, you can create an additional policy for any users that need more access, like read or write access to S3.

In Kion

The principle of least privilege is also best practice within Kion itself. Using permissions schemes, you can control what parts of the application users have access to. Similar to managing access in cloud consoles, we recommend thinking through the various roles within your organization and the minimum amount of permissions they need.

For example, someone in the finance department would likely need permissions to manage funding sources, browse billing sources, and browse global reports. They probably wouldn't need permission to create projects or manage user groups.

For information about using permissions within Kion, see Getting Started with Permissions