Movatterモバイル変換


[0]ホーム

URL:


Skip to content
DEV Community
Log in Create account

DEV Community

Cover image for The Back-Pass Rule That Changed the Game
Uri Peled
Uri Peled

Posted on

     

The Back-Pass Rule That Changed the Game

It’s good to have goals

With Higuita behind them, the defensive line of Colombia could push higher up the field, pressing the opposition to win the ball back. Then, when in possession, they were a more compact unit, with lots of options for their trademark short passing.

Not evenDavid Beckham,Diego Maradona orMessi can say they changed the game.
But to your surprise, the former Colombiangoalkeeper Rene Higuita,changed the game.

At 1992, with Higuita's high-risk 'sweeper-keeper' playing style in mind, it was decided by FIFA that goalkeepers had to play with their feet. You must play the ball back to them and they can’t pick it up.

Pause, rewind, play:

Now days we have video referees and goalline technology, but while this tech have started fresh conversations about the hard laws of the soccer game, the machines themselves have not changed the rules instead they have allowed them to be scrutinised more closely – perhaps too closely, but that’s an argument for another time.

Now you're probably wondering why you're reading a soccer story in a post about cloud security

Just like today's "modern football", these days, the advent of SaaS applications has accelerated the pace of business and introduced a host of new cybersecurity concerns.

Q: So how can goalkeepers in the cloud-native world ensure security?
A: They change the rules!

So while FIFA/Hackers continues to toy with the Laws of the Game, here is a suggested rule change to make this beautiful game of ours even more beautiful/secure:

Imagine you have a group namedR.Madrid.
Members ofR.Madrid should not be allowed to access any Amazon S3 resources except theMadrid folder in theSpanish League bucket. And certainly not to access anything related to theBarcelona folder.

{   "Version":"2012-10-17",   "Statement":[      {         "Effect":"Allow",         "Action":[            "s3:ListBucket"         ],         "Resource":[            "arn:aws:s3:::SpanishLeagueBucket/Madrid"         ]      },      {         "Effect":"Allow",         "Action":[            "s3:PutObject",            "s3:GetObject",            "s3:DeleteObject"         ],         "Resource":[            "arn:aws:s3:::SpanishLeagueBucket/Madrid/*"         ]      },      {         "Effect":"Deny",         "NotAction":"s3:*",         "NotResource":[            "arn:aws:s3:::SpanishLeagueBucket/Madrid",            "arn:aws:s3:::SpanishLeagueBucket/Madrid/*"         ]      }   ]}
Enter fullscreen modeExit fullscreen mode

The above isIAM resource-based policy that can be used in order to limit access to a specific resource by explicitly deny all operations that require other services.

"NotResource is an advanced policy element that explicitly matches every resource except those specified"
Enter fullscreen modeExit fullscreen mode

Cool Links:

Top comments(0)

Subscribe
pic
Create template

Templates let you quickly answer FAQs or store snippets for re-use.

Dismiss

Are you sure you want to hide this comment? It will become hidden in your post, but will still be visible via the comment'spermalink.

For further actions, you may consider blocking this person and/orreporting abuse

  • Location
    Israel
  • Work
    Cloud Security Manager/Architect
  • Joined

More fromUri Peled

DEV Community

We're a place where coders share, stay up-to-date and grow their careers.

Log in Create account

[8]ページ先頭

©2009-2025 Movatter.jp