Recent Posts
Base Container Image Size and Vulnerabilities
What do you do when there are constantly vulnerabilities in production? Well, if your product runs heavily in containers, trying to deal with them before they make it into production is an option. In this post, I’m going to look at packaging a small Python code base in images of various sizes and how that can affect vulnerability counts in the end “product”.
I’m going to use Python for this because it’s a language I’m comfortable with.
Part 5 - AWS For Personal Use/Learning: Intelligent Threat Detection
This is the fifth and final post in what is a multi-part series on some suggestions based on AWS Well-Architected Framework best practices focused on setting up an AWS account(s) for personal use and learning. For other parts in the series see:
Part 1 - AWS For Personal Use/Learning: Secure Multi-Account Setup
Part 2 - AWS For Personal Use/Learning: Identity and Access Management
Part 3 - AWS For Personal Use/Learning: Account Level Guardrails
Part 4 - AWS For Personal Use/Learning: The Audit Trail
If you have IAM identities (users, roles) and compute workloads running in AWS, there is no excuse to not be using Amazon GuardDuty.
Part 4 - AWS For Personal Use/Learning: The Audit Trail
This is the fourth post in what is a multi-part series on some suggestions based on AWS Well-Architected Framework best practices focused on setting up an AWS account(s) for personal use and learning. For other parts in the series see:
Part 1 - AWS For Personal Use/Learning: Secure Multi-Account Setup
Part 2 - AWS For Personal Use/Learning: Identity and Access Management
Part 3 - AWS For Personal Use/Learning: Account Level Guardrails
Part 5 - AWS For Personal Use/Learning: Intelligent Threat Detection
An important part of security is attribution or accountability - who did what (also helpful is when and sometimes from where).
Part 3 - AWS For Personal Use/Learning: Account Level Guardrails
This is the third post in what is a multi-part series on some suggestions based on AWS Well-Architected Framework best practices focused on setting up an AWS account(s) for personal use and learning. For other parts in the series see:
Part 1 - AWS For Personal Use/Learning: Secure Multi-Account Setup
Part 2 - AWS For Personal Use/Learning: Identity and Access Management
Part 4 - AWS For Personal Use/Learning: The Audit Trail
Part 5 - AWS For Personal Use/Learning: Intelligent Threat Detection
So far in this multi-part series, the benefits of multiple AWS accounts have been discussed and AWS Organizations has been configured to enable that approach.
Part 2 - AWS For Personal Use/Learning: Identity and Access Management
This is the second post in what is a multi-part series on some suggestions based on AWS Well-Architected Framework best practices focused on setting up an AWS account(s) for personal use and learning. For other parts in the series see:
Part 1 - AWS For Personal Use/Learning: Secure Multi-Account Setup
Part 3 - AWS For Personal Use/Learning: Account Level Guardrails
Part 4 - AWS For Personal Use/Learning: The Audit Trail
Part 5 - AWS For Personal Use/Learning: Intelligent Threat Detection
With everything locked down in the management account and potentially no AWS Organizations cross-account role created, how the heck does the account get used without using the root account?