AWS IAM:PassRole explained

A common point of confusion when getting started with AWS IAM, and when trying to implement "least privileges" on IAM is the message "is not authorized to perform: iam:PassRole on resource". Usually this refers to "User" or "CloudFormation" as

Effective Actions for AWS IAM

TL;DR I made Effective IAM Actions, a small tool to expand wildcards "*"in IAM Policy Actions so that you can see explicitly what permissions are granted by a policy. It supports multiple statements in each policy, Allow and Deny

Serverless Cost Containment

Serverless soultions is can be incredibly cheap due to their event-based nature - if your system isn't working, you pay barely anything for it. But if you're not careful, serverless can still result in some nasty surprises when it comes to costs.