Release Date: 28/02/2021 | Issue: 76
CloudSecList is a newsletter for busy professionals who want to keep up to date with the cloud security industry. Hand-curated by Marco Lancini.

If you received it, you either subscribed or someone forwarded it to you. If you fit in the latter camp and want to subscribe, then you can click on this button:
Sign Up

This week's articles

Security Logging in Cloud Environments - AWS   #aws, #monitoring
How to design a state of the art multi-account security logging platform in AWS. (disclaimer: I did write this post).

CNCF Secrets Management Tools Technology Radar   #build
Insights into what tools are used by cloud native practitioners, and more importantly why.

Kubernetes README   #k8s, #explain
A collection of useful resources to read to learn more about Kubernetes.

Help Shape ATT&CK for Containers   #k8s, #monitor
A first draft of an ATT&CK for Containers matrix has been proposed.

Sensitive AWS API Calls That Return Credentials and Data   #aws, #attack
A very useful list of all (or at least some of) the AWS calls that return credentials.

Announcing General Availability of the HashiCorp Terraform Cloud Operator for Kubernetes   #k8s, #terraform
The operator is tailored to the idea of managing Terraform Cloud Workspaces through Kubernetes CustomResourceDefinitions (CRDs).

Kubernetes admission controllers in 5 minutes   #k8s, #defend
What admission controllers are in Kubernetes and how their webhooks can be used to implement image scanning.

Let's encrypt certificates, HTTPS on MicroK8s   #k8s, #build
How to get Let's encrypt working with a default setup of MicroK8s and provision a real certificate for a real domain.

AWS resilience   #k8s, #defend
A thread discussing actionable points to improve resilience of your AWS accounts.


Repository hosting the libsinsp, libscap, the kernel module driver, and the eBPF driver sources.

Kubernetes platform lifecycle management
This project helps you keep track of all your software and tools that are used or running in and around your Kubernetes platform. It helps you with part of the lifecycle management to keep your software up to data for feature completeness, security or compliance reasons.


K8S Threat Model
A page containing resources for threat modelling a Kubernetes cluster.

Sponsor CloudSecList

If you want to get yourΒ productΒ or job ad in front of thousands of security professionals, ranging from engineers to CISOs and VCs, at companies ranging from small start-ups to Fortune500 and FAANG, you can reach out at
πŸ“¨ [email protected] πŸ“¨

From the cloud providers

AWS Icon  Secure and automated domain membership management for EC2 instances with no internet access
How to deploy a solution that helps automate the Active Directory join and unjoin process for EC2 instances that don't have internet access.

AWS Icon  Support for KMS encryption on S3 buckets used by AWS Config
Config now supports the ability to use a KMS key or alias Amazon Resource Name (ARN) that you provide, to encrypt the data delivered to an S3 bucket.

AWS Icon  How to set up a recurring Security Hub summary email
How to set up weekly email notifications using Security Hub to provide account owners with a summary of the existing security findings to prioritize new findings, and links to the Security Hub console for more information.

GCP Icon  Introducing GKE Autopilot
GKE Autopilot gives you a fully managed, hardened Kubernetes cluster out of the box, for true hands-free operations.

GCP Icon  Accessing GCP resources from AWS
How to use identity federation to allow an AWS user or role to impersonate a service account.

GCP Icon  Service Directory is generally available: Simplify your service inventory
Service Directory allows you to easily register services to a single fully managed registry, build a rich ecosystem of services, and uplevel your environment from an infrastructure-centric to a service-centric model.

Azure Icon  Deep Dive into Cloud App Discovery
Deep dive article that explains how to get started in Cloud Discovery from Microsoft Cloud App Security.

Azure Icon  Handling false positives in Azure Sentinel
How to handle false positives in scheduled analytics rules for Sentinel.

Alibaba Cloud Icon  When Kubernetes Encounters Confidential Computing, How Does Alibaba Protect the Data in the Container?
This article describes confidential computing, the architecture of Inclavare Containers, and the development status and planning of Alibaba Cloud ACK-TEE.

Alibaba Cloud Icon  Securing Environments with IDaaS – Part 1
Part 1 of a 2-part series discusses why identity solutions are essential for organizations to begin their cloud-based setup.

Thanks for reading!

If you found this newsletter helpful, I'd really appreciate if you could forward it to your friends and colleagues! πŸ‘Œ

If you have questions, comments, or feedback, let me know on Twitter (@lancinimarco / @CloudSecList), or at!

Forward Forward
Twitter Tweet
Share Share

How did you like this issue of CloudSecList?

1       2       3       4       5

Archives View in browser Sponsorship
Β© 2019-present, CloudSecList by Marco Lancini.