Articles in the category "aws"

In this post, we will set it all up for easy working in Visual Studio Code. Let’s start!

While Infrastructure-as-Code slowly becomes omnipresent, many of the communicated advantages of the approach stay mostly unrealized. Sure, code style checks (linting) and even automated documentation get more common every month. But one of the cornerstones often gets ignore: testing. Let’s see which types of code testing are available and how to do it without writing too much code. The promise of the Infrastructure-as-Code (short: IaC) movement is to handle infrastructure just as if it was a program.

AWS BI solution Amazon QuickSight provides a neat and powerful web console to handle most use cases. Nevertheless, as soon as a need for automation appears, relying on IaC can help increase productivity.

Recently, I blogged about a security incident where CloudTrail was not set up to log S3 data events. But while this is the most common type of data events, there are some more. And one of them has really scary implications. But good news: you can protect yourself about that.

As AWS Cloud adoption becomes more widespread throughout the industries, challenges arise how to govern IT resource usage and implement a coherent management for systems across on-premises and the AWS Cloud. This blog post gives insights in how the AWS offered Systems Manager capabilities could be extended from the cloud environment to your hybrid and on-premises environments.

In today’s post, I will talk about a hacking investigation I recently took part in. We will look into what went wrong, what the attackers did, and how we can improve detection and prevention to manage such incidents better.

Writing “Least Privilege” policies is an art in itself, but it inevitably leads to a large number of JSON-based policies in your accounts. As one of the rules of good security is “low maintainability = low security”, let’s dive into tools which can show us risks inside our policies - which might even result in paths to administrative privileges!

IAM Roles are a critical security feature in AWS. Handling them is not very intuitive in the beginning. In this blog post we take a look behind the curtain and explain what’s going on when you assume a role.