S3 Replication with KMS

After much research, I have realized that there isn't really a concise, straight-to-the-point guide on designing replication in S3, using SSE-KMS, and cross-account ownership. So, a quick guide on what has worked for me:

In your ORIGIN ACCOUNT

- Create origin Bucket
- Create origin IAM role
- Create origin IAM Policy
- Create origin KMS key
- Set up origin …

Continue reading S3 Replication with KMS

Multiple KMS Principals in Terraform

CORRECTION: You can actually implement policies through the normal procedure, example below:

    principals {
      type        = "AWS"
      identifiers = [
        "ARN",
        "ARN"
      ]
    }

However, you must verify that your Roles are already created! Otherwise you will get what appears to be a generic failure. It was just a coincidence for me that I deployed …

Continue reading Multiple KMS Principals in Terraform

The Damn Vulnerable Serverless Application

Serverless is coming, and the basics never really go away!

Lambda, automation, and the no infra future

In five to ten years virtual machines will be as much relics as mainframes are today. Forrest Brazeal recently wrote an article detailing a coming IT job apocalypse, and how the only way to avoid your job becoming redundant was to develop …

Continue reading The Damn Vulnerable Serverless Application