배경 시작은 오류 메세지였다. Some controls have been disabled because you are missing the correct permission(s). The missing permission(s) are: aws-marketplace:ViewSubscriptions, aws-marketplace:Subscribe. 1. AWS MarketPlace에서 특정 제품을 구독하기 위해 'Continue to Subscribe' 버튼을 눌렀더니 아래와 같이 메세지가 나왔다. 2. 그 동안 클라우드 경험상 이건 분명 저 권한이 없기 때문에 뜬건 아닌 것 같다는 느낌이 들었고, 역시나 난 Administrator였다. 3. cloudtrail도 찾아보고(해당 리전에서 안나오면 글로벌 서..
aws를 feedly를 통해서 다양한 소식들을 보곤하는데 엄청난걸 봐버렸다. https://aws.amazon.com/ko/blogs/security/how-to-enable-secure-seamless-single-sign-on-to-amazon-ec2-windows-instances-with-aws-sso/ How to enable secure seamless single sign-on to Amazon EC2 Windows instances with AWS SSO | Amazon Web Services Today, we’re launching new functionality that simplifies the experience to securely access your AWS compute ins..
1. Guardrail : Disallow deletion of log archive { "Version": "2012-10-17", "Statement": [ { "Sid": "GRAUDITBUCKETDELETIONPROHIBITED", "Effect": "Deny", "Action": [ "s3:DeleteBucket" ], "Resource": [ "arn:aws:s3:::aws-controltower*" ], "Condition": { "ArnNotLike": { "aws:PrincipalARN":"arn:aws:iam::*:role/AWSControlTowerExecution" } } } ] } 2. Guardrail : Disallow Changes to Encryption Configurat..
aws cli 버전 : aws-cli/2.1.11 Python/3.7.9 Windows/10 exe/AMD64 prompt/off python 버전 : 3.8.5 CIS Benchmark 다운로드 링크 : www.cisecurity.org/blog/foundational-cloud-security-with-cis-benchmarks/ Blog | Foundational Cloud Security with CIS Benchmarks Implementiong foundational cloud security systems to harden environments protect against cyber-attacks and misconfiguration. www.cisecurity.org 에드센스가 안붙네요...
aws cli 버전 : aws-cli/2.1.11 Python/3.7.9 Windows/10 exe/AMD64 prompt/off python 버전 : 3.8.5 CIS Benchmark 다운로드 링크 : www.cisecurity.org/blog/foundational-cloud-security-with-cis-benchmarks/ Blog | Foundational Cloud Security with CIS Benchmarks Implementiong foundational cloud security systems to harden environments protect against cyber-attacks and misconfiguration. www.cisecurity.org 실수로 1.12를 건..
- Total
- Today
- Yesterday
- stateType
- CIS
- IAM
- AWS #CIS
- defaulttheme
- ViaAWSService
- REACT
- ControlTower
- fleet manager
- .get()
- teplate
- terraform
- security
- Cloud
- web
- compliance
- 4xx
- aws
- temlate
- findinglatestversion
- 2xx
- JavaScript
- steampipe
- 우주와컴퓨터
- cloudsecurity
- platform
- 계정정보저장
- opensource
- scp
- conftest policy
일 | 월 | 화 | 수 | 목 | 금 | 토 |
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | |||
5 | 6 | 7 | 8 | 9 | 10 | 11 |
12 | 13 | 14 | 15 | 16 | 17 | 18 |
19 | 20 | 21 | 22 | 23 | 24 | 25 |
26 | 27 | 28 | 29 | 30 | 31 |