Slowing Our Role: Moving Towards Policy at Plex - John Reese, Plex Systems
Abstract
In this talk, we’ll walk through Plex’s journey from role-based access to embracing policy.To be fair, roles got us far at Plex. Roles can be a completely valid solution, especially for smaller systems. However, as we grew, we knew roles would not be able to solve all of our problems forever. Our solution? Policy.Through policy, automation and autonomy became a reality. By defining policies upfront, we could include them in our environments and release processes, allowing for changes to be made without any human intervention. Policy also allowed us to focus on what we actually want to secure: data. Developers no longer have to concern themselves with permissions or roles and can just use the APIs they need to get their job done.Our journey is not over yet, but you can still come hear all about where we started with role-based access control, where we are today, and where we want to be.