Episode description
Links:
- Twilio's disclosure of an Employee and Customer Account Compromise.
- Update of AWS Security Reference Architecture is now available
- As the linked tweet says: "If you check out the AWS docs on IAM policy parsing order there is a flowchart that shows you can get an Allow outcome before the boundary policy is evaluated."
- IAM-Deescalate: is an open source tool to help users reduce the risk of privilege escalation.