ADVSEC01-BP04 Implement authorization by setting access policies, and implement least privilege access for users to protect programmatic advertising workloads

Address the risk of authenticated advertisers and SSPs access to data they should not reach.

Implementation guidance

Implement strong AWS Identity and Access Management (IAM) policies when you deploy a global advertising technology workload. Use the principle of least privilege, and enforce the separation of duties for good security posture. Administrative access should only be given to a small number of secured administrators.

Use IAM Access Analyzer to validate IAM policies and verify that they match IAM best practices and your organization's security standards. IAM Access Analyzer can help your organization review and removed unused or external access across your AWS resources with continuous monitoring. IAM Access Analyzer can also assist administrators by validating your IAM policies against IAM policy grammar and AWS best practices.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

ADVSEC01-BP03 Restrict DSP outbound traffic to authorized SSPs only

Data protection