Posts
CloudTrail wishlist: filtering by principal ARN
Surprising behaviour in AWS web console session duration
Gotcha: always use ARNs for S3 SSE-KMS
When AWS invariants aren't [invariant]
Deep dive into AWS CloudShell
How ima.ge.cx works
An AWS IAM Identity Center vulnerability
Reversing AWS IAM unique IDs
AWS role session tags for GitHub Actions
Useful flags for Go Lambda functions
Lambda CloudTrail data events
A role for all your EC2 instances
Improve GitHub Actions OIDC security posture with custom issuer
Centralised logging: from CloudWatch to Kinesis Firehose
Lambda extension environment variables
Configuration in the cloud
CloudFront and Lambda function URLs
Cheap serverless containers using API Gateway
openrolesanywhere - an IAM Roles Anywhere client
AWS VPC data exfiltration using CodeBuild
AWS GWLB: Deep Packet Manipulation
IPv6 and TOTP
Shared VPCs are underrated
CloudWatch EMF in Honeycomb
No need for AWS IAM users
Two approaches to cross-account EventBridge
AWS SigV4 caching
cgo for ARM64 Lambda Functions
Nested Express Step Functions
AWS IAM OIDC IDPs need more controls
Graviton2: ARM comes to Lambda
AWS federation comes to GitHub Actions
API Gateway HTTP APIs and SQS MessageAttributes
Give me a role in your AWS account
AWS Lambda $LATEST is dangerous
Cursory AWS KMS research
Nitro Enclaves - First Impressions
AWS IAM needs aws:ResourceOrgID
AWS Access Key ID formats
Yet another blog
Security September: Cataclysms in the Cloud Formations
Security September: Escaping CodeBuild - The compromise that wasn't