<html dir="ltr">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" id="owaParaStyle">P {margin-top:0;margin-bottom:0;}</style>
</head>
<body fpstyle="1" ocsi="0">
<div style="direction: ltr;font-family: Tahoma;color: #000000;font-size: 10pt;">Yeah. Very interesting. Thanks for sharing.<br>
<br>
Kevin<br>
<div style="font-family: Times New Roman; color: #000000; font-size: 16px">
<hr tabindex="-1">
<div id="divRpF204891" style="direction: ltr;"><font face="Tahoma" color="#000000" size="2"><b>From:</b> Adam Heczko [aheczko@mirantis.com]<br>
<b>Sent:</b> Wednesday, October 04, 2017 2:18 PM<br>
<b>To:</b> OpenStack Development Mailing List (not for usage questions)<br>
<b>Subject:</b> Re: [openstack-dev] [policy] AWS IAM session<br>
</font><br>
</div>
<div></div>
<div>
<div dir="ltr">Hi <span style="font-size:12.8px">Devdatta, excellent post on IAM models.</span>
<div><span style="font-size:12.8px">Thank you!</span><br>
</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, Oct 4, 2017 at 10:59 PM, Devdatta Kulkarni <span dir="ltr">
<<a href="mailto:kulkarni.devdatta@gmail.com" target="_blank">kulkarni.devdatta@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex; border-left:1px #ccc solid; padding-left:1ex">
<div dir="ltr">
<div>
<div>+1<br>
<br>
</div>
I spent some time recently studying IAM models of AWS and GCP. <br>
</div>
Based on this I had created following post comparing and summarizing the two models at high-level:<br>
<br>
<a href="http://devcentric.io/2017/07/13/comparing-iam-models-of-aws-and-gcp/" target="_blank">http://devcentric.io/2017/07/<wbr>13/comparing-iam-models-of-<wbr>aws-and-gcp/</a><br>
<div><br>
</div>
<div>Thought of sharing it here as it may help with big-picture comparison of the two models.<br>
</div>
<div><br>
</div>
<div>Best regards,<br>
</div>
<div>Devdatta<br>
</div>
<div><br>
</div>
</div>
<div class="HOEnZb">
<div class="h5">
<div class="gmail_extra"><br>
<div class="gmail_quote">On Wed, Oct 4, 2017 at 11:12 AM, Kristi Nikolla <span dir="ltr">
<<a href="mailto:kristi@nikolla.me" target="_blank">kristi@nikolla.me</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex; border-left:1px #ccc solid; padding-left:1ex">
+1<br>
<span class="m_8372939751148729921HOEnZb"><font color="#888888"><br>
--<br>
Kristi Nikolla<br>
Software Engineer @ massopen.cloud<br>
<a href="mailto:kristi@nikolla.me" target="_blank">kristi@nikolla.me</a><br>
</font></span>
<div class="m_8372939751148729921HOEnZb">
<div class="m_8372939751148729921h5"><br>
On Wed, Oct 4, 2017, at 10:08 AM, Zane Bitter wrote:<br>
> On 03/10/17 16:08, Lance Bragstad wrote:<br>
> > Hey all,<br>
> ><br>
> > It was mentioned in today's keystone meeting [0] that it would be useful<br>
> > to go through AWS IAM (or even GKE) as a group. With all the recent<br>
> > policy discussions and work, it seems useful to get our eyes on another<br>
> > system. The idea would be to spend time using a video conference/screen<br>
> > share to go through and play with policy together. The end result should<br>
> > keep us focused on the implementations we're working on today, but also<br>
> > provide clarity for the long-term vision of OpenStack's RBAC system.<br>
> ><br>
> > Are you interested in attending? If so, please respond to the thread.<br>
> > Once we have some interest, we can gauge when to hold the meeting, which<br>
> > tools we can use, and setting up a test IAM account.<br>
><br>
> +1, I'd like to attend this.<br>
><br>
> Also I highly recommend<br>
> <a href="http://start.jcolemorrison.com/aws-iam-policies-in-a-nutshell/" rel="noreferrer" target="_blank">
http://start.jcolemorrison.com<wbr>/aws-iam-policies-in-a-nutshel<wbr>l/</a> over the<br>
> actual AWS docs as a compact reference.<br>
><br>
> - ZB<br>
><br>
> > Thanks,<br>
> ><br>
> > Lance<br>
> ><br>
> > [0]<br>
> > <a href="http://eavesdrop.openstack.org/meetings/keystone/2017/keystone.2017-10-03-18.00.log.html#l-119" rel="noreferrer" target="_blank">
http://eavesdrop.openstack.org<wbr>/meetings/keystone/2017/keysto<wbr>ne.2017-10-03-18.00.log.html#<wbr>l-119</a><br>
> ><br>
> ><br>
> ><br>
> ><br>
> > ______________________________<wbr>______________________________<wbr>______________<br>
> > OpenStack Development Mailing List (not for usage questions)<br>
> > Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">
OpenStack-dev-request@lists.op<wbr>enstack.org?subject:unsubscrib<wbr>e</a><br>
> > <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">
http://lists.openstack.org/cgi<wbr>-bin/mailman/listinfo/openstac<wbr>k-dev</a><br>
> ><br>
><br>
><br>
> ______________________________<wbr>______________________________<wbr>______________<br>
> OpenStack Development Mailing List (not for usage questions)<br>
> Unsubscribe:<br>
> <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">
OpenStack-dev-request@lists.op<wbr>enstack.org?subject:unsubscrib<wbr>e</a><br>
> <a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">
http://lists.openstack.org/cgi<wbr>-bin/mailman/listinfo/openstac<wbr>k-dev</a><br>
<br>
______________________________<wbr>______________________________<wbr>______________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">
OpenStack-dev-request@lists.op<wbr>enstack.org?subject:unsubscrib<wbr>e</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/cgi<wbr>-bin/mailman/listinfo/openstac<wbr>k-dev</a><br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
<br>
______________________________<wbr>______________________________<wbr>______________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" rel="noreferrer" target="_blank">
OpenStack-dev-request@lists.<wbr>openstack.org?subject:<wbr>unsubscribe</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" rel="noreferrer" target="_blank">http://lists.openstack.org/<wbr>cgi-bin/mailman/listinfo/<wbr>openstack-dev</a><br>
<br>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature">
<div dir="ltr">
<div style="color:rgb(136,136,136); font-size:12.8000001907349px">Adam Heczko</div>
<div style="color:rgb(136,136,136); font-size:12.8000001907349px">Security Engineer @ Mirantis Inc.</div>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>