Posts

TL;DR Key takeaways: Building trust and relationships with a community of experts is crucial for success. Continuously staying up-to-date with the latest trends and best practices in your field and maintaining a curious mindset is important for delivering innovative solutions. Diversifying your business streams, such as through a SaaS product or newsletter, can help to increase success and growth. Being a freelancer offers autonomy and independence, but it’s important to also consider the scalability of your business. As my business as an independent AWS consultant enters its fourth year, I am proud to reflect on the growth and success I have achieved over these past few years. ...

💸 Rational Using the public cloud will let you do experiments, iterate, test new services and new capabilities; it will unleash the potential of your teams to do innovation and, in the end, reduce the time to market with innovative products. Cloud computing comes with a promise: “Pay as you go”. In fact, this statement is partially true. However, it is only accurate if you take care – really care – of your active assets on your Cloud Service Provider (CSP). ...

Update from: 2021-12-23 Official Security bulletin from AWS AWSSupportServiceRolePolicy Informational Update https://aws.amazon.com/security/security-bulletins/AWS-2021-007/ You will find below details about the security incident that leads to this unattended access for millions of AWS customers. On 22nd December 2021, AWS deployed a new version (v20) of AWSSupportServiceRolePolicy used by a mandatory role: AWSServiceRoleForSupport for AWS Support access to all AWS Accounts. In this policy, they added the action: s3:getObject which gives access to all customer Amazon S3 data by AWS Support teams. ...

Rational Lately, I was looking for small automation to deploy a simple web redirect for a domain name hosted on Amazon Route 53. I didn’t find anything relevant so I’ve decided to do it by myself. The goal was to have a subdomain redirect to a totaly different domain and path using minimal efforts and infrastructure. From: asd.zoph.io To: http://awssecuritydigest.com Schema Tradeoff It does not support https, but you could use the http as an entrypoint, and then redirect traffic to https as needed. ...

Disclaimer: I’m not a REGEX expert :smile: Lately, I was working for one of my customers on a custom configuration of AWS Config recorder. My customer wanted to record using AWS Config All resources except a few of them: 'AWS::EC2::Subnet' 'AWS::EC2::VPC' 'AWS::EC2::SecurityGroup' Unfortunately, the AWS API and Console do not allow you to do this, you should cherry-pick manually which resource you want to record. The trade-off of this method is that if a new AWS Config resource type came out, it won’t be recorded until you manually select it in your AWS Config recorder setting. ...