Over the last decade, enterprises have accelerated the adoption of the cloud. According to the State of the Cloud report by Flexera, the average annual spend on cloud computing is over $62 million. As enterprises continue to invest in the cloud, AWS, the market leader in cloud computing, is growing at a rapid pace.
The rise of cloud computing poses new challenges to enterprise IT. With each department migrating and managing their workloads in AWS, there is a proliferation of accounts, users and roles. The central IT team responsible for enforcing compliance and security struggles to keep up with the increasing AWS account sprawl.
System integrators (SI) and consulting organizations specializing in migrating and managing cloud deployments are recognized by AWS for their expertise. Enterprises engage these AWS partners to tackle long-term, strategic initiatives and day-to-day operations related to DevOps. Based on the expertise of an SI, enterprises often engage with multiple consulting companies to manage their AWS operations.
A common approach enterprise IT takes is to create IAM roles and federated identities. Each IAM user gets unique credentials to access AWS resources through the browser-based console or the command line tools. However, this becomes complex as the number of internal and external users grows.
Enterprise IT is under pressure to deal with internal DevOps teams and external SIs working with various departments. They need a reliable mechanism to put them in control of their infrastructure and workloads. IT should be able to delegate access based on the principles of least privilege. In scenarios where elevated privileges are required, they should be able to provide just-in-time privilege escalation.
Remoteler is an identity-aware and context-aware proxy designed to work seamlessly with AWS. Its access plane becomes the centralized window through which an organization's internal and external users consume AWS managed services. Remoteler is tightly integrated with mainstream services such as IAM, EC2, S3, RDS and EKS. When users access these services through Remoteler, they automatically comply with the policies defined by the central enterprise IT team. Because Remoteler integrates tightly with the AWS console, SDK and CLI, these policies apply consistently irrespective of how users access the services.
The Remoteler access plane understands and integrates with AWS federation and IAM role trust relationships. This integration enables enterprises to implement role-based access control (RBAC) for internal and external users. DevOps engineers from internal departments can access the AWS console or CLI through a role with just enough permissions for the target resource. External consultants and contractors belonging to other AWS accounts can also be given access to AWS resources through trust relationships. Both approaches rely on a centrally defined Remoteler access policy.
Here are a few advantages of using Remoteler to centralize AWS access control:
Remoteler complements and extends AWS IAM to deliver fine-grained role-based access control and detailed insights for audit and review. For a detailed discussion of these capabilities and concepts, sign up for the upcoming webinar delivered by Remoteler.