AWS Morning Brief

Want to give your ears a break and read this as an article? You’re looking for this link.https://www.lastweekinaws.com/blog/an_unexpected_love_letter_to_azure/Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/NIsF_NS1B0kNever miss an episodeJoin the Last Week in AWS newsletterSubscribe wherever you get your podcastsHelp the showLeave a reviewShare your feedbackSubscribe wherever you get your podcastsBuy our merch https://store.lastweekinaws.comWhat's Corey up to?Follow Corey on Twitter (@quinnypig)See our recent work at the Duckbill GroupApply to work with Corey and the Duckbill Group to help lower your AWS bill

AWS Morning Brief for the week of August 15, 2022 with Corey Quinn.

Links:Twilio's disclosure of an Employee and Customer Account Compromise. Update of AWS Security Reference Architecture is now availableAs the linked tweet says: "If you check out the AWS docs on IAM policy parsing order there is a flowchart that shows you can get an Allow outcome before the boundary policy is evaluated." IAM-Deescalate: is an open source tool to help users reduce the risk of privilege escalation.

Want to give your ears a break and read this as an article? You’re looking for this link.https://www.lastweekinaws.com/blog/why_amazon_cant_end_the_release_tidal_wave/Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/eKMxBNF5N-kNever miss an episodeJoin the Last Week in AWS newsletterSubscribe wherever you get your podcastsHelp the showLeave a reviewShare your feedbackSubscribe wherever you get your podcastsWhat's Corey up to?Follow Corey on Twitter (@quinnypig)See our recent work at the Duckbill GroupApply to work with Corey and the Duckbill Group to help lower your AWS bill

AWS Morning Brief for the week of August 8, 2022 with Corey Quinn.

Links:35K GitHub repos had been compromised by malware. GitHub security issued a response within 24 hours showing what their findings indicate and clarifying the situation.Scale your workforce access management with AWS IAM Identity Center (previously known as AWS SSO)Welcoming the AWS Customer Incident Response Team - Surprisingly this doesn't require a paid support plan.iamlive generates IAM policies from AWS calls via client-side monitoring

Want to give your ears a break and read this as an article? You’re looking for this link.Never miss an episodeJoin the Last Week in AWS newsletterSubscribe wherever you get your podcastsHelp the showLeave a reviewShare your feedbackSubscribe wherever you get your podcastsWhat's Corey up to?Follow Corey on Twitter (@quinnypig)See our recent work at the Duckbill GroupApply to work with Corey and the Duckbill Group to help lower your AWS bill

AWS Morning Brief for the week of August 1, 2022 with Corey Quinn.

Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/Q2Zpg5jQe-QNever miss an episodeJoin the Last Week in AWS newsletterSubscribe wherever you get your podcastsHelp the showLeave a reviewShare your feedbackSubscribe wherever you get your podcastsWhat's Corey up to?Follow Corey on Twitter (@quinnypig)See our recent work at the Duckbill GroupApply to work with Corey and the Duckbill Group to help lower your AWS bill

Links:The Nigerian government scores this week's S3 Bucket Negligence AwardNew Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio SignalsAutomatically block suspicious DNS activity with Amazon GuardDuty and Route 53 Resolver DNS FirewallUse Security Hub custom actions to remediate S3 resources based on Macie discovery results There has been significant improvement to the AWS IAM documentation around IAM best practices.Artillery lets you use Lambdas for open source load testing.