Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
Worried about AWS IAM permissions that allow you to access data (like S3 objects, CodeCommit code, others) or return credentials in their response? I've updated my list of these potentially dangerous API calls and you can read about them here.
An AWS IAM Security Assessment tool that identifies violations of least privilege & creates a risk-prioritized report.
This tutorial covers building secure AWS AMIs with Packer. We go over building the prerequisite infrastructure to create EC2 AMIs from scratch, how to use the example hardening scripts for CentOS, and how to validate the testing with Amazon Inspector.
Generate Secure IAM Policies Automagically
Introduction to Policy Sentry, an easy way to create least privilege policies by copying/pasting ARNs into a YAML file.