AWS Morning Brief | Connecting All William-Nilliam

Last week in security news: BHIM leaks the details of 7.26 million users, a great rundown of how to think about external IDs for accessing AWS accounts, and a script for reapplying TouchID settings on sudo requests after they get wiped by MacOS updates.

Show Notes

Links:

If you're near Arlington Virgina, come on by Highline this evening at 7PM and let me buy you a drink.
Are you confused by AWS's KMS service? Me too. This guide to KMS helped a lot--and you really don't want to be confused by security things.
BHIM leaks the details of 7.26 million users and scores themselves an S3 Bucket Negligence Award in the process. Stop doing this!
Securely Using External ID for Accessing AWS Accounts Owned by Others - AWS blesses us with a great rundown of how to think about external IDs for accessing AWS accounts.
Use AWS Network Firewall to filter outbound HTTPS traffic from applications hosted on Amazon EKS and collect hostnames provided by SNI- Don't let your sensitive environments connect all willy-nilly (or more formally, all William-Nilliam) to anything they want on the internet.
Last week I mentioned that you might want to enable TouchID to approve sudo requests on macOS. A couple of you pointed out that this setting gets wiped on OS updates, so having a script like this handy to reapply it will likely serve you well.
Cloudfox is a great collection of scripts stuffed into a framework and called a tool that empowers cloud penetration tests. Much like the industry, it biases heavily for AWS; take a look.

What is AWS Morning Brief?

The latest in AWS news, sprinkled with snark. Posts about AWS come out over sixty times a day. We filter through it all to find the hidden gems, the community contributions--the stuff worth hearing about! Then we summarize it with snark and share it with you--minus the nonsense.