📢 MAMIP (Monitor AWS Managed IAM Policies)
Policies changed since last week:
- AWSBackupFullAccess
- AWSBackupOperatorAccess
- AWSBackupServiceLinkedRolePolicyForBackup
- AWSBackupServiceRolePolicyForBackup
- AWSBackupServiceRolePolicyForRestores
- AWSECRPullThroughCacheServiceRolePolicy
- AWSECRPullThroughCache_ServiceRolePolicy
- AWSElementalMediaTailorFullAccess
- AWSElementalMediaTailorReadOnly
- AWSIotRoboRunnerFullAccess
Get notified of policy change using this Twitter bot. 🐦


Thank you @Cloudflare for your R2 announcement 2 months ago to force AWS to reduce their egress charges.

#AWS Free Tier Data Transfer Expansion – 100 GB From Regions and 1 TB From Amazon CloudFront Per Month - aws.amazon.com/blogs/aws/aws-…


Cloudsplaining (scans AWS IAM policies for excessive permissions) now integrated with Checkov. You can just point Checkov at Terraform code to find policies with Privilege Escalation, Resource Exposure, Credentials Exfil, & Data Exfil capabilities.

Check out today's post from @kmcquade3 and @BarakSchoster to learn how #Cloudsplaining and #Checkov can be used together to identify AWS IAM least privilege violations in both build-time and runtime. 🔎 bridge.dev/3cCFiCg

Just going through the last year in AWS announcements and it's incredible how quickly Graviton has spread 🤯
Graviton is now in:
* EC2 (+ consuming services)
* ECS / EKS
* Lambda
* Beanstalk
* OpenSearch
* RDS DBs / Aurora
* Neptune
* ElastiCache
* DocDB
* MemoryDB
* CodeBuild

I think I've tweeted over the years how much of a fan I am of @honeycombio. So I made a thing that gives you a zero-effort taste of Honeycomb with your own metrics.
awsteele.com/blog/2021/11/2…


See you next week at #AWS #reinvent? I'll be hosting a Leadership Session focused on the current state of #security #privacy #compliance on @awscloud! Mark your calendars: happening Thursday, Dec. 2 from 1 - 2 PM (PST). Register for virtual reinvent today go.aws/3nhLwxh


My flight has a lot of AWSers on it as we head to #reInvent, we saw each other, smiled, and kept to ourselves...secretly knowing we all need the few hours of non work talk before a week full of it. Same thing happens on the way home. My AWS people get me. ✈️ 🎧

I recently learned that AWS Heroes get free tickets to re:invent. Who do I have to incessantly nag to become a hero in time for re:invent 2022? 😅

This release is pretty slick. Enable your employees to authenticate with their existing corporate credentials, single sign-in to the AWS console, and have up to 4 separate EC2 Windows instance sessions open in a single tab!

🎦 In this demo, learn how to provide your #AWSSSO users a one-click log-in experience to Amazon EC2 Windows instances. go.aws/3FHS26Z


HashiCorp Waypoint is incredible. The deployment process for Dockerized AWS Lambda functions is so easy, seamless, and fast. Low difficulty for entry. And it doesn’t require CloudFormation. So refreshing.
I plan on getting rid of my AWS SAM CLI crap and moving to Waypoint.

Hello, I'm trying to explore the cloud security field and I was wondering what advice you can give to a beginner or best learning path for cloud security. I know basics of AWS, Azure, GCP.