Describes each of the AWS global condition keys available to use in IAM policies.| docs.aws.amazon.com
Use Amazon VPC to launch AWS resources into a virtual network that is a logically isolated section of the AWS Cloud.| docs.aws.amazon.com
While AWS manages security of the cloud, security in the cloud is the responsibility of the customer. Learn more about the Shared Responsibility Model.| Amazon Web Services, Inc.
Following on the heels of my previous post, Five Functional Facts about AWS Identity and Access Management, I wanted to dive into a separate, yet related way of enforcing access policies in AWS: Service Control Policies (SCPs). SCPs and IAM policies look very similar—both being JSON documents with the same sort of syntax—and it would be easy to mistake one for the other. However, they are used in different contexts and for different purposes. In this post, I'll explain the context where S...| packetmischief.ca
This post is part of an open-ended series I'm writing where I take a specific protocol, app, or whatever-I-feel-like and focus on five functional aspects of that thing in order to expose some of how that thing really works. The topic in this post is the AWS Identity and Access Management (IAM) service. The IAM service holds a unique position within AWS: it doesn't get the attention that the machine learning or AI services get, and doesn't come to mind when buzzwords like "serverless" or "cont...| packetmischief.ca
In a previous post, I reviewed what a public subnet and Internet Gateway (IGW) are and that they allowed outbound and inbound connectivity to instances (i.e., virtual machines) running in the AWS cloud. If you're the least bit security conscious, your reaction might be, "No way! I can't have my instances sitting right on the Internet without any protection". Fear not, reader. This post will explain the mechanisms that the Amazon Virtual Private Cloud (VPC) affords you to protect your instances.| packetmischief.ca