Prevent Expensive AWS API Actions with SCPs - Hacking The Cloud
Avoid AWS bill surprises by blocking known-expensive API calls with an SCP.| hackingthe.cloud
Follow these best practices for using AWS Identity and Access Management (IAM) to help secure your AWS account and resources.| docs.aws.amazon.com
How to authenticate requests and manage access to your Amazon S3 resources.| docs.aws.amazon.com
Control ownership of new objects that are uploaded to your Amazon S3 bucket and disable access control lists (ACLs) for your bucket using S3 Object Ownership.| docs.aws.amazon.com
Avoid AWS bill surprises by blocking known-expensive API calls with an SCP.| hackingthe.cloud
A Vault must be unsealed before it can access its data. Likewise, it can be sealed to lock it down.| Seal/Unseal | Vault | HashiCorp Developer
Learn about AWS policies and how they work to define permissions for AWS services and resources.| docs.aws.amazon.com
In this post, we look back on the 2021 cloud security data breaches and vulnerabilities in AWS, and showcase best practices to avoid them.| Christophe Tafani-Dereeper
With the AWS CDK, developers or administrators can define their cloud infrastructure by using a supported programming language. CDK applications should be organized into logical units, such as API, database, and monitoring resources, and optionally have a pipeline for automated deployments. The logical units should be implemented as constructs including the following:| docs.aws.amazon.com
Describes each of the AWS global condition keys available to use in IAM policies.| docs.aws.amazon.com
Modify existing GuardDuty configurations in the target account to hinder alerting and remediation capabilities.| hackingthe.cloud
June 20 2023: The wording in this post has been updated to avoid confusion around the use of wildcards in the principal element of an AWS Identity and Access Management (IAM) trust policy statement. November 3, 2022: We updated this post to fix some syntax errors in the policy statements and to add additional use […]| Amazon Web Services
Access management for AWS services and resources. Manage fine-grained permissions and analyze access to refine permissions.| Amazon Web Services, Inc.
