AWS accounts with leading zeros can play havoc with your YAML, so use ARNs instead.
aws
A collection of 42 posts
AWS IAM:PassRole explained
A common point of confusion when getting started with AWS IAM, and when trying to implement "least privileges" on IAM is the message "is not authorized to perform: iam:PassRole on resource". Usually this refers to
Amplify, Amplify, and Amplify
"AWS Amplify" is easy to say, but what does it mean? Is it Amplify.js? The AWS Amplify Console? The Amplify Framework? Wonder no more, and read on to uncover the truth of Amplify!
The CloudFormation Layer Cake
So I've had the idea of this post for a while. Like "3 years ago" a while: CFN Layer Cake FTW!I first came across the idea of the CloudFormation Layer Cake from this AWS Advent
CloudFormation Examples on GitHub
AWS documentation letting you down? Never fear, GitHub can help with that! Find CloudFormation examples quickly and easily.
Effective Actions for AWS IAM
TL;DR I made Effective IAM Actions [https://bigorange.cloud/actions/], a small tool to expand wildcards "*"in IAM Policy Actions [https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_action.html] so that you can
Don't use Tags to Manage Permissions in AWS
The main problem is this: By using tags for authorisation, you have a multitude of completely new - per-service - actions that can be used to compromise your security posture.
Best Practices for AWS Step Functions
Recently I've been working with Step Functions in my day-to-day work, as well as in my personal projects, and I decided to write this post as a way of articulating the ins-and-outs of Step Functions I've