Episode description
Last week in security news: CloudFlare had a Confused Deputy Vulnerability, Moving Away from IAM Identity Center, AWS KMS now supports importing asymmetric and HMAC keys, and more!
Links:
- CloudFlare had a Confused Deputy Vulnerability
- As I move away from IAM Identity Center, I find it interesting that a lot of folks I respect are doing similar things.
- I was going to drag this otherwise awesome article disclosing the vulnerability they located within AWS CDK's eks.Cluster component.
- AWS KMS now supports importing asymmetric and HMAC keys
- Tool/ Tip of the week: List of documented and undocumented AWS API models