Permissions

  • The simplest permissions management is just a list of who may do what, e.g. an Access Control List (ACL)
  • Role-Based Access Control (RBAC) groups permissions into roles assigned to people, e.g. manager, intern, executive
    • More flexible and simple at first
    • Complexity creep for each person who thinks they’re “special”
  • Attribute-Based Access Control (ABAC) defines permissions for combinations of attributes of the person, task, data, etc.
    • e.g. AWS Identity and Access Management (IAM) aims to balance complexity with security
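
The three models above, side by side, as an added example that is not part of the original notes. All users, roles, resources and attribute names are constructed for illustration, and every check denies by default.

```python
# Added example: users, roles, resources and attributes are all constructed.

# 1) ACL: a flat list of (user, action, resource) entries.
ACL = {
    ("alice", "read", "payroll.csv"),
    ("bob", "read", "handbook.pdf"),
}

def acl_allows(user, action, resource):
    return (user, action, resource) in ACL

# 2) RBAC: permissions are grouped into roles, and roles are assigned to users.
ROLE_PERMS = {
    "manager": {("read", "payroll.csv"), ("read", "handbook.pdf")},
    "intern": {("read", "handbook.pdf")},
}
USER_ROLES = {"alice": {"manager"}, "bob": {"intern"}}

def rbac_allows(user, action, resource):
    return any((action, resource) in ROLE_PERMS.get(role, set())
               for role in USER_ROLES.get(user, set()))

# 3) ABAC: rules evaluated over attributes of the subject, action and resource.
ABAC_RULES = [
    # Anyone may read public documents.
    lambda s, a, r: a == "read" and r["classification"] == "public",
    # Managers may read confidential data, but only in their own department.
    # Plain RBAC would need one role per department to express this.
    lambda s, a, r: (a == "read" and s["title"] == "manager"
                     and r["classification"] == "confidential"
                     and s["department"] == r["department"]),
]

def abac_allows(subject, action, resource):
    return any(rule(subject, action, resource) for rule in ABAC_RULES)

if __name__ == "__main__":
    payroll = {"classification": "confidential", "department": "finance"}
    fin_mgr = {"title": "manager", "department": "finance"}
    sales_mgr = {"title": "manager", "department": "sales"}
    print(rbac_allows("alice", "read", "payroll.csv"))  # role-level grant
    print(abac_allows(fin_mgr, "read", payroll))        # same department
    print(abac_allows(sales_mgr, "read", payroll))      # other department
```

The department condition in the second ABAC rule is the kind of per-person exception that, under RBAC, turns into a new role each time.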