Secure your CloudFront Distributions

UPDATE: AWS announced over the weekend that they're enhancing protections against this kind of scenario. A few weeks ago a security researcher shared it was possible to hijack domains that were misconfigured in Amazon CloudFront, Amazon's CDN-as-a-service. Being able to

Federated CodeCommit Access

CodeCommit access via federated credentials is the way to go. You're not using long-lived Access Keys are you? Bad engineer! Stop that! For better or worse, federated IAM access requires you to use the HTTPS endpoint with a git credential

A last minute guide to re:Invent

I'm fortunate enough to be heading back to AWS re:Invent this year. If tickets aren't sold out by the time you read this, they will be soon. Here's a few things I learnt from last year that would've helped:

Getting Started with AWS SAM Local

The AWS blog gave me a very pleasant surprise the other day: AWS SAM Local is in public beta. It's a golang CLI project that's distributed via NPM. SAM Local leverages Docker to run you code in local containers, and