The personal website of Phil Massyn

The root account

The AWS Root account is an absolute god user for your AWS account. This account must be kept secure, and only used in absolute emergencies. For an account that is so sensitive and secure, I was quite surprised that it is integrated into almost everything that Amazon does.

Digital Ocean is (probably not) better than AWS

Earlier this week, while browsing through my Twitter feed, I saw a post where someone was saying that Digital Ocean was better than AWS. Having used both of them extensively, the post caught my attention, and after reading through the comments, it became very clear to me that there was a huge misunderstanding between the two services. Let's break it down.

Accessing your EC2 instances securely

Cloud-native applications are certainly the way to go to maximize your cloud investment. However, for many organizations, redeveloping their in-house applications to be cloud-native can be a daunting (and expensive) exercise. So in many cases, it makes sense to lift-and-shift the on-prem servers to the cloud to utilize at least some of the benefits of cloud infrastructure.

Having those servers in the cloud is one thing, but how do you connect securely to them to perform your support tasks?

Privilege escalation risks in AWS

A privilege escalation risk is where a user account within a system has the ability to elevate its privileges to a higher level than what was originally intended. This can have disastrous consequences, particularly if you have an insider threat. This type of risk is not limited to insiders only. Any user account with the right permissions can result in unwanted elevated permissions.