It’s been a bit of a quiet month for updates to the AWS Security Info modules. There’s been a couple of changes that I’m publishing today. New features We now support Organizations! That’s right.. If you point the script to the master account, and you specify the –organization parameter with the name of your organizationalContinue reading “AWS Security Info – August 2021 update”
Large enterprises tend to invest into CSPM systems (Cloud Security Posture Management) like Dome9, PrismaCloud, or Orca Security. For smaller companies, it may be cost prohibitive to invest in a CSPM, so they tend to simply do nothing , and hope they don’t have any breaches. This is a dangerous place to be in. Let’sContinue reading “AWS Security Configuration Scanner”
Full disclaimer – I am an Amazon Web Services fan boy. I love their cloud offering and I proudly hold 3 AWS certifications. Through my day job, I am also getting exposed to Azure. Yes I know – Azure is a swear word amongst Amazonians, but the reality is that many companies do dabble inContinue reading “Things I don’t like about AWS”
Access keys allow you to access AWS resources from scripts and command lines. It also creates additional challenges that you need to be aware of. https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html
Identity & Access Management (IAM) is at the core of everything AWS does. In this video, I’ll be running through the key concepts of AWS, and demonstrating how you can securely setup an EC2 instance to interact with an S3 bucket. https://aws.amazon.com/iam/ https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-roles-for-amazon-ec2.html
The 7 deadly cloud sins. Things to watch out for as you go on your cloud journey.