Do(n’t) try this at work - Technically, you _can_ do this

Do(n’t) try this at work Technically, you can do this
Ben Bridts

https://mobile.twitter.com/benbridts/status/1371812381161103362 https://via.benbridts.be/comsum/tweet

https://twitter.com/ben11kehoe/status/1074288317108232192 https://via.benbridts.be/comsum/packrat

https://sprocketfox.io/xssfox/2020/03/05/bigbuckopsworks/ https://via.benbridts.be/comsum/bigbucks

https://github.com/njbmartin/diggydb-nodejs https://via.benbridts.be/comsum/diggy

Using your access key

AWS Management Console

https://docs.aws.amazon.com/cli/latest/reference/iam/delete-login-profile.html

https://docs.aws.amazon.com/IAM/latest/UserGuide/console_controlling-access.html More info: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html

https://signin.aws.amazon.com/federation? Action=login& Issuer=a+python+script& Destination=https%3A%2F%2Fconsole.aws.amazon.com%2F& SigninToken=ow8X9[...]XAyan

Do • Simplify switching between accounts • Start a new
browser for every account Don’t • Use credentials from EC2 / Lambda / CodeBuild / … • Block console access

Infinite Storage

AWS CloudShell

https://aws.amazon.com/cloudshell/faqs/

https://signin.aws.amazon.com/switchrole https://docs.aws.amazon.com/cli/latest/reference/sts/assume-role.html

https://botocore.amazonaws.com/v1/documentation/api/latest/reference/loaders.html

https://github.com/iann0036/vscode-aws-cloudshell https://via.benbridts.be/comsum/vscode

Reducing Errors The easy way

Amazon CloudWatch

https://…execute-api.eu-west-1.amazonaws.com/Prod/run https://…execute-api.eu-west-1.amazonaws.com/Prod/run?fail=y

https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazoncloudwatch.html

Thank you! Ben Bridts [email protected] @BenBridts | @WeAreCloudar www.cloudar.be

Do(n’t) try this at work - Technically, you _can_ do this

Do(n’t) try this at work - Technically, you _can_ do this

Ben Bridts

More Decks by Ben Bridts

Featured

Transcript