Very Tired Lambda Pricing
AWS Morning Brief for the week of August 8, 2022 with Corey Quinn.
Episodes
AWS Morning Brief
The latest in AWS news, sprinkled with snark. Posts about AWS come out over sixty times a day. We filter through it all to find the hidden gems, the community contributions--the stuff worth hearing about! Then we summarize it with snark and share it with you--minus the nonsense.
Episodes
Single Sign On, Multiple Names
Links: 35K GitHub repos had been compromised by malware. GitHub security issued a response within 24 hours showing what their findings indicate and clarifying the situation. Scale your workforce access management with AWS IAM Identity Center (previously known as AWS SSO) Welcoming the AWS Customer Incident Response Team - Surprisingly this doesn't require a paid support plan. iamlive generates IAM policies from AWS calls via client-side monitoring...
Are AWS account IDs sensitive information?
Want to give your ears a break and read this as an article? You’re looking for this link. Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group to help lower your AWS bill...
Crappy Clone of a Fast Database
AWS Morning Brief for the week of August 1, 2022 with Corey Quinn.
Never Gonna Shut Me Up
Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/Q2Zpg5jQe-Q Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group to help lower your AWS bill...
The Mental Breakdown of Auto-Remediation
Links: The Nigerian government scores this week's S3 Bucket Negligence Award New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals Automatically block suspicious DNS activity with Amazon GuardDuty and Route 53 Resolver DNS Firewall Use Security Hub custom actions to remediate S3 resources based on Macie discovery results There has been significant improvement to the AWS IAM documentation around IAM best practices. Artillery lets you use Lambdas for open source load testing ....
New Cloudscape Cloudscrapes
AWS Morning Brief for the week of July 25, 2022 with Corey Quinn.
AWS's Disclosure Improvements
Links: Things I wish I knew about AWS WAF - Bot Control How to Protect Your Data from Ransomware with S3 Object Lock It seems that Experian has learned nothing from its string of data breaches The Makati city government is the winner of this week's S3 Bucket Negligence award. A quick overview of AWS principals, identity-based policies, and resource-based policies . Eligible customers can now order a free MFA security key Reported EKS IAM Authenticator Issue I found a handy script that someone be...
Azure's Security Vulnerabilities are Out of Control
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/azures_vulnerabilities_are_quack Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/5iTxtBnCPys Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey...
Immortal AWS Accounts, the Methuselah Pattern
AWS Morning Brief for the week of July 18th, 2022 with Corey Quinn.
AWS Bakery: Rolls Everywhere
Links: My article on the dangers of chatbots led someone to share this concern-affirming tale . Extend AWS IAM roles to workloads outside of AWS with IAM Roles Anywhere How to tune TLS for hybrid post-quantum cryptography with Kyber hasIAMfailedopenyet.com is a site that triggers a Lambda function on every invocation that attempts to access something it cannot....
My Security Posture
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/coreys-security-posture-2022 Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/dHDY69hIvvk Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on ...
How I Spent My Summer Vacation and College Tuition
AWS Morning Brief for the week of July 11, 2022 with Corey Quinn.
Azure Insecurity Templates
Links: The most recently reported Azure vulnerability Amazon Photos exposes customers to risk I (re)discovered Scott Piper's work on Lesser Known Techniques for Attacking AWS Environments . PyPi python packages get caught sending stolen AWS keys to unsecured sites . TLS 1.2 to become the minimum TLS protocol level for all AWS API endpoints GuardDuty has new findings CloudFormation Guard had a new release....
The ChatOps Issue That No One's Chatting About
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/the-chatops-issue-no-ones-chatting-about Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/eBKZ71OLjG8 Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Foll...
Mr. Selipsky's Geography Class
AWS Morning Brief for the week of July 4th, 2022 with Corey Quinn.
Enter Your Passwordle
Links: Azure has another security issue around its Synapse offering; this one was discovered by Tenable . Sysdig has a dive into the real threats to SSH on EC2. Tailscale has announced the ability to support Tailscale SSH. Chris Farris has a treatise on the The Philosphy of Prevention when it comes to cloud security. Google Cloud CISO Phil Venables asks whether security analogies are counterproductive . A security issue of sorts was discovered around sts:GetSessionToken Role Chaining in AWS The ...
9 Ways AWS Made Me Headdesk When Using The CDK
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/9-ways-aws-cdk-headdesk Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/3Mf3_l6iEtA Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitt...
Concerning Your DeepRacer's Extended Warranty
AWS Morning Brief for the week of June 27, 2022 with Corey Quinn.
Bugcrowd Bugs the Crowd
Links: Travis CI continues to be a security nightmare . Implementing IAM Permission Boundaries with AWS SSO using Terraform A user reported a vulnerability to a company through Bugcrowd. The writeup is really worth reviewing. The RSA conference was apparently a super spreader event . Because nobody beats the Wiz, they've got a post up on the secret agents installed by cloud service providers . Partitioning and Isolating Multi-Tenant SaaS Data with Amazon S3 Service Notice – Upcoming changes requ...
Should I Take a Job at AWS?
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/should-you-take-a-job-at-aws/ Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/BCiUulzr9f8 Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on...
Add a Mantium
AWS Morning Brief for the week of June 20, 2022 with Corey Quinn.
Kubernetes Firewalln't
Links: Azure’s continuing security woes The Meeting Owl videoconference device apparently had significant security problems Brandon Sherman writes about how Temporal structures its access control strategy with regard to AWS This week's S3 Bucket Negligence Award goes to Mobike. Cloud Functions or Cloud Run launched from any GCP organization can bypass Google Kubernetes Engine (GKE) Authorized Networks restrictions Proof of someone migrating to SSO and disabling IAM users entirely . AWS blog post...
re:Invent Keynote 2026: Analysis
Want to give your ears a break and read this as an article? You’re looking for this link: https://www.lastweekinaws.com/blog/reinvent-keynote-incident/ Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/NGvLMsf4Wg8 Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts...
Cars 4, featuring "Pixar Tractor on AWS”
AWS Morning Brief for the week of June 13, 2022 with Corey Quinn.
Azure's Nightmare Year
Links: Nick Jones' review of the AWS Security Model I linked to previously . Microsoft Azure has seen 6 'nightmare' cloud security flaws over the past year . Unsecured Elasticsearch Data Replaced with Ransom Note AWS Systems Manager announces support for port forwarding to remote hosts using Session Manager When and where to use IAM permissions boundaries Security vulnerability in AWS's Managed Workflows for Apache Airflow...
The Strange, Too Familiar Tale of Uncle Suitcase
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/the-strange-too-familiar-tale-of-uncle-suitcase/ Want to watch the full dramatic reenactment of this podcast? Watch the YouTube Video here: https://youtu.be/x70EypnAH1Y Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up ...
Googling the AWS CDK V1
AWS Morning Brief for the week of June 6, 2022, with Corey Quinn.
RSA Prelude
Links: Poisoned Python and PHP packages purloin passwords for AWS access No, your cloud environment doesn't need a sandbox Spring 2022 SOC reports are now available with 150 services in scope Canary Tokens...
The Aurora Serverless Road Not Taken
Want to give your ears a break and read this as an article? You’re looking for this link. https://www.lastweekinaws.com/blog/the-aurora-serverless-road-not-taken/ Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group ...