Cloud-native application are certainly the way to go to maximize your cloud investment, however for many organization, redeveloping their in-house applications to be cloud-native can be a daunting (and expensive) exercise. So in many cases it makes sense to lift&shift the on-prem servers to the cloud to utilize at least some of the benefits fromContinue reading “Accessing your EC2 instances securely”
Author Archives: massyn
Detect EC2 instances without SSM enabled
So you have a fleet of EC2 instances running, and you need to patch them with SSM. You deploy the patches, but somehow, you missed some instances. It turns out that the SSM agent is not running on all your EC2 instances. This could be a disaster. There is no direct way to find whichContinue reading “Detect EC2 instances without SSM enabled”
AWS Security Info – August 2021 update
It’s been a bit of a quiet month for updates to the AWS Security Info modules. There’s been a couple of changes that I’m publishing today. New features We now support Organizations! That’s right.. If you point the script to the master account, and you specify the –organization parameter with the name of your organizationalContinue reading “AWS Security Info – August 2021 update”
AWS Security Configuration Scanner
Large enterprises tend to invest into CSPM systems (Cloud Security Posture Management) like Dome9, PrismaCloud, or Orca Security. For smaller companies, it may be cost prohibitive to invest in a CSPM, so they tend to simply do nothing , and hope they don’t have any breaches. This is a dangerous place to be in. Let’sContinue reading “AWS Security Configuration Scanner”
Bayesian Average
The Bayesian Average is a mathematical formula that is used to derive average in a data set when the data set may be small. Typically you’ll see the bayesian average used on sites like Yelp. Let’s assume for a moment, there are a number of restaurants, with various ratings across the board. Each of themContinue reading “Bayesian Average”
Things I don’t like about AWS
Full disclaimer – I am an Amazon Web Services fan boy. I love their cloud offering and I proudly hold 3 AWS certifications. Through my day job, I am also getting exposed to Azure. Yes I know – Azure is a swear word amongst Amazonians, but the reality is that many companies do dabble inContinue reading “Things I don’t like about AWS”
AWS IAM Access Keys
Access keys allow you to access AWS resources from scripts and command lines. It also creates additional challenges that you need to be aware of. https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
Identity & Access Management
Identity & Access Management (IAM) is at the core of everything AWS does. In this video, I’ll be running through the key concepts of AWS, and demonstrating how you can securely setup an EC2 instance to interact with an S3 bucket. https://aws.amazon.com/iam/ https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
The 7 Deadly Cloud Sins – Video
The 7 deadly cloud sins. Things to watch out for as you go on your cloud journey.
Using AWS Lambda + API Gateway from Javascript
If you’ve been working with AWS for a while, you’ll know that Lambda functions is where it’s at. Lambda is AWS’ server-less offering, allowing you to run code in the cloud without having to worry about infrastructure. Lambda is really powerful. The real advantage is with the complete integration in AWS IAM. Once you’re familiarContinue reading “Using AWS Lambda + API Gateway from Javascript”
