@vito Check out #AdventOfCloudSecurity day 10
https://infosec.exchange/@christophetd/109491506163807997
you are looking for "IAM Roles for Service Accounts"
In a nutshell
As we end 2022, I want to thank all 1460+ readers for following this weekly newsletter.
Want to recognize my work on this Digest? You can:
- Forward this newsletter to a friend, colleague, or family
- Follow and retweet the associated Twitter account
Cheers, and happy holidays!
📢 MAMIP (Monitor AWS Managed IAM Policies)
Policies changed since last week:
- AWSManagedServicesDetectiveControlsConfigServiceRolePolicy
- AWSMigrationHubOrchestratorServiceRolePolicy
- AWSOrganizationsFullAccess
- AWSOrganizationsReadOnlyAccess
- AWSRefactoringToolkitFullAccess
- AmazonNimbleStudio-StudioAdmin
- AmazonNimbleStudio-StudioUser
- AmazonRDSFullAccess
- AmazonRDSReadOnlyAccess
🗓️ December 24th #AdventOfCloudSecurity
Together with @houston and @rami we wrote an analysis of over 50 publicly disclosed cloud breaches of 2022!
https://securitylabs.datadoghq.com/articles/public-cloud-breaches-2022-mccarthy-hopkins/
Merry Christmas to everyone who celebrates it!

A big thank you to @awscloud for their generous sponsorship. Open source software is an amazing multiplier of help in the community and it's great to have this support ❤️




We made it to Leavenworth, WA. @abbyfuller did the driving (she's Maine-level snow rated). Quietest we've ever seen the town before Christmas though, I think a lot of people have cancelled their trips.



I would easily pay $100 for my dream AWS Step Functions app. It would be similar to the SFN web console, but also:
* Log output from all invoked functions (with ability to search / query my structured logs)
* Bubble up info from child executions, without needing lots of tabs



I like what Wiz is sharing with PEACH peach.wiz.io and the intro blog post wiz.io/blog/introduci…
It looks simple enough to get started, but based on solid experiences




Console only. No SDK support. :(

AWS Organizations console adds support to centrally manage region opt-in settings on AWS accounts
Today, we are enhancing the AWS Organizations console to enable you to centrally view and update the region opt-in settings for your AWS accounts. Wit... aws.amazon.com/about-aws/what…



Created a simple script to create a honeytoken for Azure Key vault with an actual AAD Service Principal. gist.github.com/karimelmel/426…
Would it be interesting with a companion blog post on this and some more functionality, such as creating detections and keeping track of tokens++?


Happy holidays to one and all of you beautiful people on here. May your 2023 be filled with less demanding prs and all the time in the world to innovate.
According to this, CodeCommit is only free if you have 5 or less users. Otherwise it is $1 per user per month.
My understanding is that Github and BitBucket have private repos, for free, with no such limitations.
What is the benefit of paying for CodeCommit when I can …
Added 99.151.186.0/23
Added 99.151.188.0/23
- 🖊️ This digest was forwarded to you? Subscribe here
- 📢 Promote your content with sponsorship
- 💌 Want to suggest new content: contact me or reply to this email