Topic for today: IAM and security. The thing everyone skips and then breaks production with — getting it right while the projects are still small.
- IAM core model — users, roles, policies, principals, and how a request gets evaluated
- Writing least-privilege policies — Action / Resource / Condition keys, common patterns
- Cross-account roles and STS AssumeRole — when and why
- Agent-side security — prompt injection, tool authorization, scoped per-user credentials
- Secrets handling — Secrets Manager vs Parameter Store, rotation, KMS basics
- punith.md — Agentic AI angle on the topics
- chandana.md — AWS angle on the topics
Tracking issue: #2