Don’t miss CloudWatch log group permissions

CloudWatch log group permissions are required in order for the log groups to receive events from a source such as a CloudWatch Event rule. These permissions are added automatically when you create log groups using the AWS Console. However, when we use Terraform to automate the process, these permissions should be added separately, otherwise your log […]

AWS Lambda to update SES bounce notification Topics

AWS Lambda to update SES bounce notification: If you are using AWS SES (Simple Email Service) to send out emails to your customers and partners through your cloud applications, over time you may come across bounce email issues which need to be resolved immediately. I advise you to prepare for the worst […]

Security Hub findings – fake EC2 instance i-99999999

If you ever come across a finding as shown below in your Security Hub console with a random EC2 instance i-99999999, read on. This is how Security Hub shows the sample findings, which could be misleading if you are not aware of GuardDuty sample findings that are generated from your account. The instance id EC2 […]

AWS Security Hub overview

AWS Security Hub gives you a comprehensive view of your high-priority security alerts and security posture across your AWS accounts. Refer to this Amazon documentation to understand more about the service. From my general understanding and experience and what I have gathered from different sources of Amazon documentation, here are the main points to remember. Pre-requisite […]

Multiple Terraform providers and dynamic lookup

Multiple Terraform providers are helpful when you are working with multiple accounts (AWS) or working on a solution that spans multiple accounts. You need an efficient way of defining multiple Terraform providers to be able to look up each provider dynamically. The following example uses Terraform modules; refer to this article to understand how Terraform […]