1. Home
  2. Discover
  3. Technology
  4. DevOps Bulletin

DevOps Bulletin - Digest #97: Hacking AWS Account 😰

#97: Hacking AWS Account
Get ready for another exciting edition of the DevOps weekly newsletter! This week, I've got a lot in store for you.

Learn how to set up a robust CI/CD pipeline for your Serverless app using AWS SAM and GitHub Actions. Also, uncover the vulnerabilities in AWS Lambda that can be exploited to hack into an AWS account via SSRF.

If you're interested in writing better incident reports, don't miss an article on how to write incident reports that people actually want to read. Plus, discover how to test Step Functions locally with Docker, how to optimize problematic MySQL queries with MySQL EXPLAIN, and how to set up a headless browser with AWS Lambda in production.

In addition, I've got a comprehensive guide to Terraform security best practices, as well as an ultimate guide to DynamoDB streams.

Don't forget to check out our open-source projects of the week, including a CLI designed to make Git easier to use, ZeusCloud, an open-source cloud security platform, and an experimental PostgreSQL extension that brings OpenAI API to your queries.

This is one DevOps newsletter you won't want to miss!
📖 POSTS OF THE WEEK
Build a Serverless Gym App with ChatGPT, Twilio and WhatsApp
Build a Serverless workout generator using AWS Lambda, Golang, ChatGPT, Twilio, and WhatsApp, and set up a CI/CD pipeline with SAM and GitHub Actions.
Read more »
"Hacking AWS account via AWS Lambda SSRF" - SSRF scenario on AWS Lambda and how it can be dangerous for your AWS environment - Read more »
"Incident write-ups they want to read" - How to write incident reports that people want to read, whether public or internal-only - Read more »
"How to test Step Functions state machine locally" - How to implement Step Functions Local using Docker to test all state machine paths in isolation - Read more »
"How to read MySQL EXPLAINs" - How to utilize MySQL EXPLAIN to remedy problematic queries - Read more »
"Serverless Puppeteer" - How to setup a headless browser with AWS Lambda in production - Read more »
"Terraform security best practices" - Guidance for using Terraform in a secure way by reference to some security best practices - Read more »
"What you should know about DynamoDB Streams" - Practical post on how to use, when to use and why you should DynamoDb streams - Read more »
🛠 PROJECTS OF THE WEEK
1️⃣ Gut is a CLI designed to make Git easier to use - Learn more »
2️⃣ Effortlessly enumerate your AWS Account with Balcony - Learn more »
3️⃣ Open Source Webhooks Gateway; For both incoming & outgoing events - Learn more »
4️⃣ Cfnctl brings the Terraform cli experience to AWS CloudFormation - Learn more »
5️⃣ ZeusCloud is an open source cloud security platform - Learn more »
6️⃣ Experimental extension that brings OpenAI API to your PostgreSQL to run queries in human language - Learn more »
📰 NEWSWORTHY STORIES
"Read every single error" - Read more »
"S3 as an eternal service" - Read more »
"Immutable Linux distributions" - Read more »
📕 BOOK OF THE WEEK
Not a tech book but highly recommended if you want to increase your productivity. "The 80/20 Rule" is a book that talks about a simple idea: 80% of the good things that happen in our lives come from only 20% of the things we do. The book explains how this idea can be applied to many different parts of our lives, like work, relationships, and personal goals.
💼 OPEN JOBS OF THE WEEK
Engineering Manager @Starburst
AWS, MySQL, GCP
🌎 Remote, anywhere
Read more »
DevOps Engineer @Revolut
Docker, AWS, Jenkins
🌎 Remote, europe
Read more »
Senior Infrastructure Engineer @IVPN
Linux, Python, Security
🌎 Remote, anywhere
Read more »
Hand-picked DevOps opportunities to work from home, remotely, freelance, full-time, part-time, contract and internships - See more »
💡 THREAD OF THE WEEK
Nice April's fool 😅
😂 MEMES OF THE WEEK
I hope you enjoy this week’s newsletter! Share it with a friend or colleague if you find it helpful, drop me an email or send me a DM on Twitter about topics you’d like to hear about in future editions.
Remember to share if you enjoyed this issue!
Share Share
Tweet Tweet
Forward Forward
Copyright © 2023 DevOps Bulletin, All rights reserved.
Want to change how you receive these emails?
You can update your preferences or unsubscribe from this list.

Older messages

Digest #96: Kubernetes Broke Reddit 😳

Monday, March 27, 2023

Digest #96: Kubernetes Broke Reddit 😳 #96: Kubernetes Broke Reddit Get ready to supercharge your DevOps knowledge with another jam-packed edition of our weekly DevOps newsletter! Unravel the mystery

Digest #95: ChatGPT for DevOps 😎

Monday, March 20, 2023

Digest #95: ChatGPT for DevOps 😎 #95: ChatGPT for DevOps Get ready for an exciting edition of our weekly DevOps newsletter! This week, we've got a diverse range of topics that will help you level

Digest #94: Postgres Explained 😎

Monday, March 13, 2023

Digest #94: Postgres Explained 😎 #94: Postgres Explained Get ready for another action-packed edition of our weekly DevOps newsletter! This week, I'm covering a diverse range of topics that will

Digest #93: Why Use Message Brokers 👀

Monday, March 6, 2023

Digest #93: Why Use Message Brokers 👀 #93: Why Use Message Brokers Get ready for another jam-packed edition of our weekly DevOps newsletter! This week, I'm covering everything from monitoring

Digest #92: Infrastructure Drift 🔎

Monday, February 27, 2023

Digest #92: Infrastructure Drift 🔎 #92: Infrastructure Drift Welcome to this week's edition of DevOps Bulletin newsletter. Here's a roundup of the latest topics in the world of cloud

You Might Also Like

⚙️ Your own Personal AI Agent, for Everything

Saturday, November 23, 2024

November 23, 2024 | Read Online Subscribe | Advertise Good Morning. Welcome to this special edition of The Deep View, brought to you in collaboration with Convergence. Imagine if you had a digital

Educational Byte: Are Privacy Coins Like Monero and Zcash Legal?

Saturday, November 23, 2024

Top Tech Content sent at Noon! How the world collects web data Read this email in your browser How are you, @newsletterest1? 🪐 What's happening in tech today, November 23, 2024? The HackerNoon

🐍 New Python tutorials on Real Python

Saturday, November 23, 2024

Hey there, There's always something going on over at Real Python as far as Python tutorials go. Here's what you may have missed this past week: Black Friday Giveaway @ Real Python This Black

Re: Hackers may have stolen everyone's SSN!

Saturday, November 23, 2024

I wanted to make sure you saw Incogni's Black Friday deal, which is exclusively available for iPhone Life readers. Use coupon code IPHONELIFE to save 58%. Here's why we recommend Incogni for

North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn

Saturday, November 23, 2024

THN Daily Updates Newsletter cover Generative AI For Dummies ($18.00 Value) FREE for a Limited Time Generate a personal assistant with generative AI Download Now Sponsored LATEST NEWS Nov 23, 2024

📧 Building Async APIs in ASP.NET Core - The Right Way

Saturday, November 23, 2024

​ Building Async APIs in ASP .NET Core - The Right Way Read on: m​y website / Read time: 5 minutes The .NET Weekly is brought to you by: Even the smartest AI in the world won't save you from a

WebAIM November 2024 Newsletter

Friday, November 22, 2024

WebAIM November 2024 Newsletter Read this newsletter online at https://webaim.org/newsletter/2024/november Features Using Severity Ratings to Prioritize Web Accessibility Remediation When it comes to

➡️ Why Your Phone Doesn't Want You to Sideload Apps — Setting the Default Gateway in Linux

Friday, November 22, 2024

Also: Hey Apple, It's Time to Upgrade the Macs Storage, and More! How-To Geek Logo November 22, 2024 Did You Know Fantasy author JRR Tolkien is credited with inventing the main concept of orcs and

JSK Daily for Nov 22, 2024

Friday, November 22, 2024

JSK Daily for Nov 22, 2024 View this email in your browser A community curated daily e-mail of JavaScript news React E-Commerce App for Digital Products: Part 4 (Creating the Home Page) This component

Spyglass Dispatch: The Fate of Chrome • Amazon Tops Up Anthropic • Pros Quit Xitter • Brave Powers AI Search • Apple's Lazy AI River • RIP Enrique Allen

Friday, November 22, 2024

The Fate of Chrome • Amazon Tops Up Anthropic • Pros Quit Xitter • Brave Powers AI Search • Apple's Lazy AI River • RIP Enrique Allen The Spyglass Dispatch is a free newsletter sent out daily on