Articles in the category "AWS"

Sneaky Injections - CloudFormation

During one of our recent AWS Security Reviews, I ran across an interesting technique that attackers can use to create a backdoor in AWS accounts. It works by using three S3 IAM actions, CloudFormation, and an administrator who is not careful enough. This vector is not new but still scary - and today, I will show you how to check your account for this risk and any previous compromises.

Do you do Lambda Spaghetti?

Last week in the AWS Slack developer channel, somebody was once again asking: “How can I run a Lambda locally?” Well, that is a valid question, but there is a chance that you only think you need a local Lambda emulator because you do Lambda Spaghetti! Spaghetti code is a phrase for unstructured and difficult-to-maintain source code. I show you an easier way to test Lambdas locally and give some arguments why a local Lambda runtime should only be the very last resort. On top of that, you get examples in Pasta-Python, Gemelli-Go and Tortellini-TypeScript.

How the Application Load Balancer works

Load balancers are a key component in scalable and fault-tolerant architectures. The basic idea is fairly simple, but the implementation involves a fair bit of complexity. In this post I'll explain the different components, how they interact, and how requests flow through a load-balanced architecture.