Netflix has open sourced two AWS management tools -- named ConsoleMe and Weep. The tools may help MSPs and end-customers to more effectively manage Amazon Web Services public cloud settings, while mitigating the risk of AWS misconfigurations that potentially lead to data leaks and security breaches.
The Netflix tools include:
- ConsoleMe, a self-service tool for AWS that provides an easier way of managing permissions and access across multiple accounts, while encouraging least-privilege permissions.
- Weep, which is ConsoleMe’s CLI utility. It retrieves temporary (1-hour) AWS credentials from ConsoleMe, and offers a number of different ways to serve them locally.
Netflix has extensive experience running and managing AWS workloads. Indeed, Netflex's video streaming service runs on AWS infrastructure.
Avoiding Cloud Mis-Configurations, AWS Data Leaks
The ConsoleMe and Weep tools arrive at a key time for MSPs and end-customers. While AWS has focused aggressively on effective security, some users and IT consulting firms misconfigure the the cloud service -- which can lead to data leaks and breaches.
Multiple companies now offer Cloud Security Posture Management (CSPM) software to track and mitigate misconfigurations across AWS, Microsoft Azure and Google Cloud Platform (GCP). Recent CSPM market moves include:
Tools like Netflix ConsoleMe don't quite fit into the CSPM box, but may still help partners and customers to configure and enforce proper AWS permissions and access settings.
