When using ElasticBox, you bring your own cloud. To deliver the absolute best experience of deploying applications on any cloud, we are working very closely with all the cloud providers that we support – Google Cloud Platform, Amazon Web Services, Microsoft Azure, OpenStack, CloudStack, and VMware. One of the topics that often comes up is security. Today, we’re adding enhanced security for our AWS support.
Our friends at Amazon have built comprehensive Identity and Access Management (AWS IAM) features, which enable enterprises to grant and control secure access to specific AWS resources. For instance, with AWS IAM, cloud administrators can set up password policies for the user groups, delegate user and application rights with roles instead of sharing credentials and even enable multi-factor authentication for more privileged users. AWS IAM helps cloud administrators to narrow down the user rights and grant the least needed privileges for the users and applications.
At ElasticBox we are putting a lot of emphasis on security and hence we are proud to take advantage of the AWS IAM features. It is essential for us that we always comply with the industry standards and best practices of security and risk management. Starting July 11th, when adding a new provider on ElasticBox you will be asked to enter the AWS IAM credentials (Role ARN) instead of the AWS secret keys. This change will not have any impact on the existing providers or already running instances.
Feel free to reach out to our support team on firstname.lastname@example.org if you should have any questions about AWS IAM on ElasticBox.