All posts
4 posts · Cloud
GitHub Actions to AWS with OIDC: no more long-lived keysFederate your workflows into AWS with short-lived tokens scoped to repo and branch. Delete the access keys after.Jan 20, 2026 · 8 minIntermediategithub-actionsawsAWS IAM least privilege with Access AnalyzerGenerate tight IAM policies from real CloudTrail activity and find resources shared outside your account.Jan 8, 2026 · 10 minIntermediateawsiamLocking down S3: block public access and enforce encryptionTurn on account-wide Block Public Access, require TLS and encryption with a bucket policy, and verify it.Jul 2, 2025 · 7 minBeginnerawss3Threat detection on AWS with GuardDuty and EventBridgeTurn on GuardDuty across the org and route high-severity findings to Slack and auto-remediation with EventBridge.Feb 11, 2025 · 10 minAdvancedawsguardduty