Hey everyone! Vignesh here with the latest tech update. If you want to contribute to what we're building or would like more regular weekly updates, please join our Slack community or follow us on Twitter!
Free Trial
We now offer a free trial of Common Fate for 30 days. During the trial period, our Core Team is on hand to help your team get set up and test out the platform. If you’d like to get started, click here.
Granted Browser Extension
We’ve just released a new browser extension for Granted which makes authenticating to AWS IAM Identity Center faster and more secure. The extension protects users from being phished for AWS credentials. The extension works in all Chromium-based browsers and requires Granted version 0.35 or later. To get started with the extension, install Granted and then install the extension here.
Cedar for authorization in Common Fate
Chris discussed how we use Cedar for authorization in Common Fate at fwd:cloudsec EU 2024. The recording for his talk can be found here and the slide deck can be found here.
What is Policy as Code?
PaC is the practice of managing and enforcing organizational policies through code, allowing teams to define rules and compliance requirements in a programmable format. This approach not only enhances automation but also reduces human error, ensuring that security policies are consistently applied across all environments. Check out Rowan Udell’s blog post on PaC here.
Zero Standing Privilege (ZSP)
Common Fate implements ZSP rather than standing access which is very tempting for potential attackers because not all credentials are created the same. The act of requesting time-limited permissions gives an additional layer of security on top of the usual authentication mechanisms, like strong passwords and multi-factor authentication (MFA). Read more about ZSP vs Static access here.
Common Fate v2.6
We have made some UI changes to our web console which includes improved requests viewing experience, improved integration managements and improvements to RDS proxy. For a comprehensive list of changes, please visit our changelog.
Granted Updates
Version 0.35.0 adds support for the new Granted browser extension for Chrome, which confirms the user code automatically when logging in to AWS IAM Identity Center.
In our ongoing commitment to enhancing Granted, we're excited to share additional updates:
- Add fixes to setting custom browser by @meyerjrr in #760
- Fix the version output when running
assume -v
by @chrnorm in #762 - Added support for manual setting of PassDir to avoid pass password pollution in default location by @VigneshSelvaraj96 in #761
- Add apigw -> apigateway service shortcut by @alexjurkiewicz in #763
- Add AWS IAM Identity Center device code flow automation by @chrnorm in #765
Your voice shapes our tools. We value your feedback, suggestions, and ideas, so please don't hesitate to get in touch.
Until next time,
The Common Fate Team