This post originally appeared on the CommonFate.io blog. Still using IAM Users for AWS access? You're not alone. According to Datadog's 2024 State of Cloud Security report, 46% of organizations still rely on IAM Users
rowan
A collection of 66 posts
Moving from IAM Users to AWS Identity Center
This post originally appeared on the CommonFate.io blog. If you’re the administrator or owner of an AWS environment and are still relying on IAM users for your human users to access AWS IAM, then you should be considering
Programmatic AWS Action List!
It's happened. It's finally here. No, I'm not talking about the next iPhone. I'm talking about programmatic access to the AWS IAM action list! Wait, what do you mean "I'
Find deprecated Lambda runtimes in your environment
List all AWS Lambda functions running deprecated runtimes in your environment as a spreadsheet.
Passing the AWS Security Speciality in 2024 (SCS-C02)
Last week I passed the latest version of the AWS Security Speciality (SCS-C02). The Security Speciality certification assesses your knowledge of the various AWS security services, and the security capabilities of more general services offered by AWS. Big shoutout to
CloudFront OAC for S3 policy
Set up OAC between CloudFront and your bucket with aws:SourceArn.
External ID policy review
Granting 3rd parties access to your AWS resources via roles should always use an external ID condition. If a vendor asks you to provision an IAM user with access + secret key in 2023, they're doing it wrong. External IDs
AWS managed policies: Lambda Basic Execution Role
The AWSLambdaBasicExecutionRole is an AWS managed policy, and one of the most common managed policies you should consider using, at least for quick development; it's the minimum amount of permissions to see what your AWS Lambda functions are