In the past it was very common to use AWS credentials (access token and secret) in your GitHub Actions pipeline. This poses a security risk because most of the time these AWS credentials are long-lived credentials with a lot of permissions....
I have seen a lot of AWS environments and noticed that it is very common for companies to use AWS IAM users to log in and access the API. This can cause security issues and is time-consuming to manage, but is very easy to improve by setting up AWS IAM Identity Center (successor to AWS Single Sign-On)....
So you leaked your AWS credentials onto the world wide web, and you are wondering what to do to minimize the damage. There are multiple steps that should be taken, but I do think that the order of these steps matters....
I have heard multiple times that AWS scans public GitHub repositories for AWS credentials and informs its users of the leaked credentials.
I was curious to see this for myself, so I decided to intentionally leak AWS credentials to a public GitHub repository....
Creating a large network that connects multiple VPCs and an on-premises data center can be done in multiple ways. In this article I will explain, at a high level, how to do this using Transit Gateway and Direct Connect....
The AWS IAM Identity Center (successor to AWS Single Sign-On) web console can be hard to navigate when trying to view the AWS accounts attached to an AWS IAM Identity Center (successor to AWS Single Sign-On) group....
A Transit Gateway Peering Attachment must be accepted by the owner of the attachment, even if both Transit Gateways are in the same account. To automate this with CloudFormation I have created a custom resource....
There are a lot of very good resources explaining how to set up an S3 website, but they do not explain why you should choose one option over the other.
In this article I will not explain step by step how to set up an S3 website....