Introduction Every DevOps engineer knows the importance of secure, streamlined workflows. A while ago, I found myself managing an array of AWS resources across multiple accounts. My goal was to automate deployments and other tasks using GitHub Actions. The catch? I wanted to avoid hardcoding AWS secret keys in my...
Introduction Interacting with GCP or integrating Terraform deployments securely and efficiently into your CI/CD pipeline requires careful consideration, especially regarding authentication and permissions. Direct Workload Identity Federation offers secure way to authenticate applications without relying on long-lived service account keys. By leveraging Workload Identity Federation, we can grant GitHub...
Introduction When it comes to cloud security, managing who has access to what is absolutely crucial. Organizations are constantly looking for secure ways to manage elevated permissions without compromising security. Google Cloud Platform's (GCP) new PAM product, Privileged Access Manager, solves the issue of handling temporary access to...
Introduction Welcome to the exciting world of cloud security! My journey with AWS security began in 2019 when I earned my first certification, the AWS Certified Solutions Architect Associate and later also the AWS Security Specialty. Since then, my fascination with the cloud has only grown, and I've...
Introduction Imagine you're sitting in a room full of cloud architects and penetration testers, discussing the latest advancements in cloud security. The topic of the day is AWS's transition from Instance Metadata Service version 1 (IMDSv1) to version 2 (IMDSv2). A lot of people in the...
Introduced by Gartner in 2021, Cloud-Native Application Protection Platform promises a single pane of glass for all your cloud security needs. 🛡️ Imagine having all your security tools working together seamlessly, like the Avengers assembling to fight a threat! 💥 But what exactly is CNAPP, and how does it work? Let'...
