Detect EC2 instances without SSM enabled

So you have a fleet of EC2 instances running, and you need to patch them with SSM. You deploy the patches, but somehow, you missed some instances. It turns out that the SSM agent is not running on all your EC2 instances. This could be a disaster. There is no direct way to find whichContinue reading “Detect EC2 instances without SSM enabled”

AWS Security Info – August 2021 update

It’s been a bit of a quiet month for updates to the AWS Security Info modules. There’s been a couple of changes that I’m publishing today. New features We now support Organizations! That’s right.. If you point the script to the master account, and you specify the –organization parameter with the name of your organizationalContinue reading “AWS Security Info – August 2021 update”

AWS Security Configuration Scanner

Large enterprises tend to invest into CSPM systems (Cloud Security Posture Management) like Dome9, PrismaCloud, or Orca Security. For smaller companies, it may be cost prohibitive to invest in a CSPM, so they tend to simply do nothing , and hope they don’t have any breaches. This is a dangerous place to be in. Let’sContinue reading “AWS Security Configuration Scanner”

Using AWS Lambda + API Gateway from Javascript

If you’ve been working with AWS for a while, you’ll know that Lambda functions is where it’s at.  Lambda is AWS’ server-less offering, allowing you to run code in the cloud without having to worry about infrastructure. Lambda is really powerful.  The real advantage is with the complete integration in AWS IAM.  Once you’re familiarContinue reading “Using AWS Lambda + API Gateway from Javascript”