App environments can access AWS resources using IAM Roles

We are happy to open up a new feature that allows App environments to securely access AWS managed services such as S3, SQS or SNS.

Your app container running inside App environment can now access any AWS service using IAM roles. You don’t have to configure any IAM key/credential as secrets anymore.

Accessing cloud services via roles, instead of using keys, is the AWS-recommended way. Because IAM keys are long living and may pose a threat if it gets leaked. Role based access allows you to fetch short term credentials that automatically expire usually within an hour.

LocalOps sets up a default IAM role for your App environment in the target AWS account. We set things up inside your app environment's cluster such that your application will be able to use this IAM role implicitly if you declare the `ServiceAccount` in your Helm deployment yaml spec. By implicitly, we mean that while calling AWS services using AWS SDK, you don’t have to configure any authentication credential.

After the app environment is provisioned, you can manually add/remove appropriate/relevant IAM policies to the app specific IAM role we provisioned earlier.

Read our documentation to learn more.

We ensure all cloud security best practices are enabled from day one on all App environments we provision.Your team don't have to learn or adopt them. So that your application and its data are secure by default, both in transit and rest.

Unlock BYOC deliveries using LocalOps:

Do you have enterprise customers asking to deploy your application in their cloud or as a single tenant environment in your cloud? Sign up at LocalOps for free at https://localops.co and spin up automated Kubernetes powered App environments in your cloud or your customer cloud within minutes.

If you want a quick demo of LocalOps, schedule a time with us here at https://on.localops.co/meetings/anand-localops/30-min-demo.

Cheers.