Flexible and Secure SSH access to cloud infrastructure — Part I

Medium Articles

Welcome
Blog
Flexible and Secure SSH access to cloud infrastructure — Part I

Watch the video: Flexible and Secure SSH access to cloud infrastructure — Part I

A couple of years ago we reviewed the way we manage our teams’ SSH accesses. We were looking for three key areas of improvement: service-level granularity, flexibility to give time-bounded accesses, and finally good traceability for auditing purposes.
TL;DR we decided to move towards certificate-based accesses with BLESS (by Netflix OSS), an “SSH Certificate Authority that runs as an AWS Lambda function and is used to sign SSH certificates from public keys”. In this first article, we detail why we made this choice as well as alternate solutions we dismissed.

Our speaker(s)

Robert Dupuy

VP Engineering

We don’t compromise quality for speed

Cyrille Dubarry

Engineering Manager

Alban Perillat-Merceroz

Engineering Manager in Tech Montpellier

Han Ju

Senior Software Engineer

Tristan Sallé

Senior Software Engineer

Xavier Bucchiotty

Director of Engineering

Putting people in condition of success

Loïc Jaures

SVP Technology

Jean-Baptiste Pringuey

VP Engineering

Innovate constantly to sustain our growth

Kévin Margueritte

Software Engineer

Benjamin Davy

Sustainability Director

There is an important lack of resources to measure the impact of digital services. I’m glad and thankful to be able to work on this issue with such a motivated team!

Antoine Brechon

Engineering Manager - Infrastructure Team

Damien Pacaud

Former Infrastructure Director

Matthias Kunter

Senior Software Engineer @ Analytics

Benoit Daviaud

Senior Software Engineer @ Buying Engine

Damien Islam-Frenoy

Chief Technology Officer

Innovation is at the heart of our business

Florian Marin

Engineering Manager @ TAM Central

Nicolas Vizern

Senior Software Engineer @ Buying Engine

Romain Hardouin

Staff Engineer @ Infra-reliability

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Flexible and Secure SSH access to cloud infrastructure — Part I

Watch the video: Flexible and Secure SSH access to cloud infrastructure — Part I

Our speaker(s)

Similar posts

How I Cut Docker Image Size by Switching to a Distroless Base Image

The caching strategy of our Teads SSP

My Journey as an iOS Developer Intern at Teads