Technology

Defining Security Invariants - 2025 revision to include SCP, RCP, Declarative Policies

How do you deploy security invariants in an AWS org management account? With Permission Boundaries tied to every principal.

Everyone has a preferred cloud provider and you probably govern that one pretty well. But like it or not, your organization is using the other providers and you need to govern them too. This blog post covers the minimum things to do in your non-preferred providers.

I deliberately published an Access Key and Secrets. Here's what happened.