A decade of securing the cloud
Puget Sound Sunris, Jim Scharf

A decade of securing the cloud

AWS Identity and Access Management (IAM) launched 10 years ago today, and that time has seemed to fly by in the blink of an eye. I had the privilege of leading the AWS IAM team from its inception, and was there on the launch night it launched ten years ago. Although I rotated through a couple of different roles in the decade in between, some twists and turns have led me back to leading AWS Identity, which includes AWS IAM. So I thought I might have a unique perspective to share on this anniversary of this services that all AWS customers depend upon.

AWS IAM came about because customers loved AWS services such as S3, EC2, and SQS, and wanted to use these services as part of even larger projects. Back then, the options were either to have people each work within their own isolated AWS account (which made collaborating on larger projects difficult), or to work together within a single AWS account all sharing the same root credential (which made security engineers grimace). Customers told us that they needed a solution where developers could build in the same account using their own credentials, and administrators could selectively grant them access only to specific resources. We let this customer feedback guide us as we built AWS IAM, with the hope that it would help enable a whole new wave of workloads to move to the cloud.

I looked through my old photos and I found one from that launch night. I won’t share the photo to protect the identities (pun intended) of the original launch team, but looking at that photo (and the MacBook white plastic laptops therein) led me to reflect on what has changed in AWS IAM since that launch. I grew up a big fan of David Letterman’s Top 10 Lists, so here are the top 10 changes I’ve observed in AWS IAM over the years...

No alt text provided for this image
No alt text provided for this image

Looking back, it’s pretty clear a lot has evolved in the space of AWS IAM over the last 10 years. Looking forward, it may be more useful not to consider what will change, but what won’t.

No alt text provided for this image

What do you think is not going to change in the next 10 years of cloud security, identity, and access control?

It is pretty clear that a whole new wave of companies and applications have indeed moved to the cloud since that launch night. I’d like to think that AWS IAM played at least a small, but critical, role in enabling those workloads. I can’t wait to see what the next 10 years hold in store for AWS IAM!

Andy Jassy Can you please help me sir?🙏🏽

Like
Reply

Hlw sir my name is adarsh mishra and i am from rewa m.p. and I want a startup for BPO I have 2 year experience on BPO fields and now I want to open my own BPO. I habe 12 man power can you give me a project.

Like
Reply
Raj Krishnamurthy

Engineering next generation trust systems

2y

A brilliant writeup Jim Scharf. Thanks!

Kam Syed

Sales Leader for Global and Strategic Accounts at AWS

2y

Incredible work and accomplishment Jim, here's to the next decade and beyond!

What a difference IAM made when it launched! NYT at the time had to build its own version to avoid sharing the keys! Congrats on the decade!!! 👏

To view or add a comment, sign in

Insights from the community

Explore topics