Collaborate Disseminate
We have more than 50 accounts in AWS organization. We have deliberately kept production and non-prod workloads (environments) in separate accounts. Some critics say that is increasing management overhead and we should combine all these env… Continue reading AWS combining non-prod and production environments
The malicious Python package “Fabrice” on PyPI mimics the “Fabric” library to steal AWS credentials, affecting thousands. Learn how… Continue reading Fabrice Malware on PyPI Has Been Stealing AWS Credentials for 3 Years
AWS offers a comprehensive suite of security tools to help organizations manage compliance, protect sensitive data, and detect threats within their environments. From AWS Security Hub and Amazon GuardDuty to Amazon Macie and AWS Config, each tool is vi… Continue reading AWS security essentials for managing compliance, data protection, and threat detection
Whispr is an open-source CLI tool designed to securely inject secrets from secret vaults, such as AWS Secrets Manager and Azure Key Vault, directly into your application’s environment. This enhances secure local software development by seamlessly manag… Continue reading Whispr: Open-source multi-vault secret injection tool
I use NodeJS on AWS Lightsail and want to upgrade to version 23. I have been using a version packaged by bitnami that boasts "security by default", e.g. with some ports closed. It supports version 18 of NodeJS, which will reach e… Continue reading NodeJS 23 on AWS Lightsail
Operation EMERALDWHALE compromises over 15,000 cloud credentials, exploiting exposed Git and Laravel files. Attackers use compromised S3 buckets… Continue reading EMERALDWHALE Steals 15,000+ Cloud Credentials, Stores Data in S3 Bucket
Russian state-sponsored hackers Cozy Bear are targeting over 100 organizations globally with a new phishing campaign. This sophisticated… Continue reading Russian Cozy Bear Hackers Phish Critical Sectors with Microsoft, AWS Lures
Kentik launched The Cloud Latency Map, a free public tool allowing anyone to explore the latencies measured between over 100 cloud regions worldwide. Users can identify recent changes in latencies globally between various public clouds and data center … Continue reading The Cloud Latency Map measures latency across 100+ cloud regions
I’m wondering how exactly IAM Roles for Service Accounts authenticate requests to assume a role using the sts:AssumeRoleWithWebIdentity action when the role is in another account? The documentation has enabled me to get my solution working… Continue reading How are cross-account requests to assume IAM Roles using the ‘sts:AssumeRoleWithWebIdentity’ action authenticated?
I want to grant processes running on OpenStack infrastructure some access to AWS resources. (I also want to avoid manually rotating keys, and minimise the impact if credentials leak from these instances.)
Is there any secure way to associa… Continue reading How to grant AWS roles to OpenStack workloads?