Introduction Imagine you’re responsible for securing an AWS environment with dozens or even hundreds of accounts. Each account has its own users, permissions, and workloads. One day, you find out that a compromised IAM key in a sandbox account was used to exfiltrate data from an S3 bucket. The...
Introduction When managing an AWS Organization, you often need to execute tasks across multiple AWS accounts. Instead of manually configuring credentials for each account, AWS provides cross-account IAM roles that allow services in one account (such as a Lambda function in the central account) to assume a role in another...
Introduction During Christmas, I had some extra time on my hands - a perfect opportunity to catch up on tech I’d been meaning to explore. A few colleagues had been discussing about Crossplane recently, and it got me curious. What is it really about? How does it fit into...
Introduction In my work with AWS Systems Manager (SSM) documents, I faced a challenge that might resonate with anyone managing complex automation: passing information between steps. Each step in an SSM document executes independently, and I wanted to keep my commands clean, organized, and effective. However, without an easy way...
Introduction In my daily work managing cloud infrastructure, I often faced the challenge of efficiently configuring services and running commands across many machines. With numerous EC2 instances running different applications, it was important to ensure consistent security settings and configurations. However, manually logging into each instance, executing commands, and checking...
Introduction As a developer working with AWS Lambda, I’ve always loved the idea of serverless computing - deploying code without worrying about managing servers. However, one challenge that frequently came up was handling Python dependencies in Lambda functions. Deploying a Lambda function with multiple dependencies can be cumbersome, especially...
