Policy Intelligence Drives Conversation at C2C Connect: France Session on April 12, 2022 | C2C Community

Policy Intelligence Drives Conversation at C2C Connect: France Session on April 12, 2022

Categories: Identity and Security Session Recording
Policy Intelligence Drives Conversation at C2C Connect: France Session on April 12, 2022

On April 12, 2022, C2C France Team Leads Antoine Castex (@antoine.castex) and Guillaume Blaquiere (@guillaume blaquiere) were excited to welcome Policy Intelligence Product Manager Vandhana Ramadurai to join a powerful session for the Google Cloud space in France and beyond. These sessions intend to bring together a community of cloud experts and customers to connect, learn, and shape the future of cloud. The following points summarize the key takeaways from Ramadurai’s presentation:

 

  • Policy Intelligence is a suite of 4 major tools which simplify security and IAM (identity and access management) at the project, folder, and organization levels.
  • IAM Recommender analyses, understands, and proposes new roles after an observation period of 90 days. The feature uses AI to increase recommendation accuracy.
  • The least privilege principle is important, but can be complex to enforce at project, folder, and organization level. IAM Recommender helps in that respect, and users can easily enforce or roll back the recommendation with a simple click (or API call).
  • IAM Simulator is a solution for users or organizations who may not trust AI to enforce recommendations. Users can manage IAM policy changes and simulate their potential impact. 
  • User accounts or service accounts may not have the permissions required to execute certain actions. IAM Troubleshooter understands mission roles and permissions and grants those required, without breaking the least privilege principle.
  • IAM Analyser, the final tool in the Policy Intelligence suite, lists the permissions granted a user to access a certain resource, the account assigned a specific permission or role, or a combination of both. This tool is particularly useful for auditing granted permissions.
  • The Policy Intelligence tools continue to evolve to include all the developing features in the IAM space (denied policy, for example).
  • In the future, the flagship product, IAM recommender, will include more ability to customize the duration of the observation period.

 

Despite its 60-minute time limit, this conversation didn’t stop. Policy Intelligence is a hot topic, and it certainly kept everyone’s attention. The group spent time discussing asset inventory, AI and ML modeling, and various topics in IAM including security, least privilege, and trust. Ramadurai also fielded questions from attendees, including Damien Morellet (@dmorellet) of SFEIR, who wanted to know if Policy Intelligence includes a dry run feature (it does!).

 

Watch the full video of the event below to learn more about this suite of tools and the many features and use cases of each one:

 

 

Preview What's Next

 

These upcoming C2C events will cover other major topics of interest that didn’t make it to the discussion floor this time around:

 

 

Extra Credit

 

Looking for more Google Cloud products, news, and resources? We got you. The following links were shared with attendees and are now available to you!

 

Thank you for a great takeaway post, @guillaume blaquiere ! It was a great event with Vandi and we are of course looking forward to more events like this one! :)