this post was submitted on 15 Jun 2023
6 points (100.0% liked)

Cloud Security

696 readers
1 users here now

Preventing storms.

Rules

  1. Be excellent to each other!
  2. Use the article title as the submission title. Do not editorialize the title or add your own commentary to the article title.
  3. No vendor spam. Zero tolerance for content marketing.

founded 1 year ago
MODERATORS
[email protected]
6
How to get rid of AWS access keys- Part 1: The easy wins (www.wiz.io)
submitted 1 year ago by [email protected] to c/[email protected]
4 comments fedilink hide all child comments
 

(I am not fond on vendor's blogs as the signal to noise ratio is very low, since they are written to please search engines more than engineers... but Scott Piper gets a pass.)

I found this insightful, access keys are such a liability that is better to tame as early as possible. Fixing the problem a scale is a lot more challenging.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 1 points 1 year ago

Getting rid of long living access keys is such a win.

Adding an SCP to block creation is mentioned last in the blog post, but I'd sat that's the first thing one should do. That way the problem won't grow as you remove the existing ones (which might take a lot of time).

Good blog post indeed! Not exactly ground breaking but considering how common the problem is I don't blame them for writing it.