So you have a fleet of EC2 instances running, and you need to patch them with SSM. You deploy the patches, but somehow, you missed some instances. It turns out that the SSM agent is not running on all your EC2 instances. This could be a disaster. There is no direct way to find whichContinue reading “Detect EC2 instances without SSM enabled”
Author Archives: massyn
AWS Security Info – August 2021 update
It’s been a bit of a quiet month for updates to the AWS Security Info modules. There’s been a couple of changes that I’m publishing today. New features We now support Organizations! That’s right.. If you point the script to the master account, and you specify the –organization parameter with the name of your organizationalContinue reading “AWS Security Info – August 2021 update”
AWS Security Configuration Scanner
Large enterprises tend to invest into CSPM systems (Cloud Security Posture Management) like Dome9, PrismaCloud, or Orca Security. For smaller companies, it may be cost prohibitive to invest in a CSPM, so they tend to simply do nothing , and hope they don’t have any breaches. This is a dangerous place to be in. Let’sContinue reading “AWS Security Configuration Scanner”
Bayesian Average
The Bayesian Average is a mathematical formula that is used to derive average in a data set when the data set may be small. Typically you’ll see the bayesian average used on sites like Yelp. Let’s assume for a moment, there are a number of restaurants, with various ratings across the board. Each of themContinue reading “Bayesian Average”
Things I don’t like about AWS
Full disclaimer – I am an Amazon Web Services fan boy. I love their cloud offering and I proudly hold 3 AWS certifications. Through my day job, I am also getting exposed to Azure. Yes I know – Azure is a swear word amongst Amazonians, but the reality is that many companies do dabble inContinue reading “Things I don’t like about AWS”
AWS IAM Access Keys
Access keys allow you to access AWS resources from scripts and command lines. It also creates additional challenges that you need to be aware of. https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
Identity & Access Management
Identity & Access Management (IAM) is at the core of everything AWS does. In this video, I’ll be running through the key concepts of AWS, and demonstrating how you can securely setup an EC2 instance to interact with an S3 bucket. https://aws.amazon.com/iam/ https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
The 7 Deadly Cloud Sins – Video
The 7 deadly cloud sins. Things to watch out for as you go on your cloud journey.
Using AWS Lambda + API Gateway from Javascript
If you’ve been working with AWS for a while, you’ll know that Lambda functions is where it’s at. Lambda is AWS’ server-less offering, allowing you to run code in the cloud without having to worry about infrastructure. Lambda is really powerful. The real advantage is with the complete integration in AWS IAM. Once you’re familiarContinue reading “Using AWS Lambda + API Gateway from Javascript”
