AWS IAM:PassRole explained
A common point of confusion when getting started with AWS IAM, and when trying to implement "least privileges" on IAM is the message "is not...
Amplify, Amplify, and Amplify
"AWS Amplify" is easy to say, but what does it mean? Is it Amplify.js? The AWS Amplify Console? The Amplify Framework? Wonder no more, and read on to uncover the truth of Amplify!...
The CloudFormation Layer Cake
So I've had the idea of this post for a while. Like "3 years ago" a while: CFN Layer Cake FTW!I first came across...
CloudFormation Examples on GitHub
AWS documentation letting you down? Never fear, GitHub can help with that! Find CloudFormation examples quickly and easily....
Effective Actions for AWS IAM
TL;DR I made Effective IAM Actions [https://bigorange.cloud/actions/], a small tool to expand wildcards "*"in IAM Policy Actions [https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_action.html] so that you can see explicitly what permissions are granted by a policy. It supports multiple statements in each policy, Allow...
Managing Secure String Parameters in CloudFormation
This was a nifty little trick I just learnt from my colleague James the other day that is definitely worth sharing more widely. While CloudFormation does not support SecureStrings for AWS::SSM::Parameters [https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ssm-parameter.html#cfn-ssm-parameter-description] resources, you can can fudge it with this one weird trick;...