How to set up ongoing replication from your third-party secrets manager to AWS Secrets Manager | Amazon Web Services
Secrets managers are a great tool to securely store your secrets and provide access to secret material to a set of individuals, applications, or systems that you trust. Across your environments, you might have multiple secrets managers hosted on different providers, which can increase the complexity of maintaining a consistent operating model for your secrets. […]
Attacking Firecracker: AWS' microVM Monitor Written in Rust - Blog | Grapl
Firecracker is a microVM manager in Rust that powers AWS services like Lambda and Fargate. It's also one of the key components of Grapl's multi-tenant isolation. A critical dependency deserves some red teaming - here's how we attacked AWS Firecracker.
Diving into IAM Roles for Service Accounts | Amazon Web Services
A common challenge architects face when designing a Kubernetes solution on AWS is how to grant containerized workload permissions to access an AWS service or resource. AWS Identity and Access Management (IAM) provides fine-grained access control where you can specify who can access which AWS service or resources, ensuring the principle of least privilege. The challenge […]
Container scanning updates in Amazon ECR private registries using Amazon Inspector | Amazon Web Services
We announced a new Amazon Inspector last week at re:Invent 2021 with improved vulnerability management for cloud workloads. Amazon Inspector is a service used by organizations of all sizes to automate security assessment and management at scale. For Amazon Elastic Container Registry (Amazon ECR) private registry customers, this announcement brings updates, enhancements, and integrations to […]