Karen Haberkorn

So, we try to design with the assumption that most people will click whichever button draws their attention, while trying to make sure the dedicated readers can absorb the information they seek. This doesn’t prevent reviewers from believing fine-tuning informational text will affect outcomes though.

One of our consistent usability test findings is that the majority of customers do not read anything. Amount of text, placement, color - you can nudge the percent who read, but not much. (A persistent minority will read everything, carefully, especially during a study.)

wait... I didn't think of that! It's a 24-day calendar that just happens to be labeled "advent." Brilliant!

You can now sign in with Google to access AWS applications and experiences such as AWS Training and Certification and AWS re:Post. That's one fewer personal credential to remember and manage. aws.amazon.com/about-aws/wh...

Party like it's 2001! Mariners clinch first AL West crown in 24 years SEATTLE -- When they talk about this night for years to come, the dialogue will center on the baseball that was demolished into territory that few have ever reached, along with the banner that will so...

Mariners! I have lived in Seattle for the end of 23 baseball seasons, and this is their first AL West division win. A true gem pitched by La Piedra, and Cal Raleigh hit homers 59 and 60. Bring on the champagne. #mariners www.mlb.com/news/mariner...

I graduated in '89 which isn't quite the 90's, but they had to close the cafeteria at one of the high schools I attended in southwestern va. because white kids were starting food fights with the black students. It wasn't subtle who was starting the food fights. It still makes me mad.

Good news, #AWSIAMIdentityCenter customers! You can now use customer-managed keys to encrypt your identity data at rest. aws.amazon.com/about-aws/wh... #AWS

Good point - and good feedback. Luckily there are lots of examples.

Unlock new possibilities: AWS Organizations service control policy now supports full IAM language | Amazon Web Services Amazon Web Service (AWS) recently announced that AWS Organizations now offers full AWS Identity and Access Management (IAM) policy language support for service control policies (SCPs). With this featu...

Friday treat for fans of #AWSIAM : you can now author service control policies with all IAM language constructs, eliminating previous sharp edges such as only being able to use NotAction in Deny statements: aws.amazon.com/blogs/securi...

Extra credit for hitting his record-breaking HR on a night when he hit one from each side of the plate!

Cal Raleigh! My favorite part about his historic night is that not only does he now hold the record for most home runs by a switch hitter, but he hit two in the record-breaking game, one from each side of the plate.

Me too. I thought I was too snobby about books to enjoy such a silly book but I enjoyed it -- a lot -- in spite of myself.

At the same time, we launched three new condition keys so you can implement fine-grained controls over the generation, expiration, and the type of API keys allowed for Amazon Bedrock. aws.amazon.com/about-aws/wh... Keep the feedback coming!

Thanks to folks including @frichetten.com for feedback about our Bedrock API key launch. We're listening. Yesterday, we updated Bedrock and IAM docs (see docs.aws.amazon.com/bedrock/late...) to clarify that these are service-specific credentials and how to prevent their use in your environment. 1/2

Use scalable controls to help prevent access from unexpected networks | Amazon Web Services As your organization grows, the amount of data you own and the number of data sources to store and process your data across multiple Amazon Web Services (AWS) accounts increases. Enforcing consistent ...

Check out these new AWS IAM context keys that make is easier to restrict access to AWS resources to expected networks -- and that use less policy space! aws.amazon.com/blogs/securi...

Sigh.

that looks bad - but also like something other than an s3 bucket. did it get an honorary S3 Bucket Negligence Award?

I can't resist playing this game one more time. As an Organizations admin, you used to have to log into the AWS Management Console for each member account individually if you wanted to close that account. Now you can close member accounts centrally, either programmatically or in the console.

Speaking of public access, when was the last time you gave an S3 Bucket Negligence Award, @quinnypig.com ?

And, to make cleaning up existing accounts easier, when we made that change in fall 2023, we also enabled AMI BPA for existing accounts that hadn't owned a public AMI for 90 days.

On a related note, you used to have to think about whether AMIs were public too (not in the same way as S3 buckets, but a similar theme). Now, AMI BPA is enabled by default for all new AWS accounts.

Starting in spring 2023, all new S3 buckets were created with S3 BPA enabled by default instead of you having to turn it on yourself.

Then, starting in Nov'19, you could turn on IAM Access Analyzer and it would check all of your S3 buckets for you to see if any were public instead of you auditing all of them yourself.

As of Nov'18, you could use a Block Public Access (BPA) control to disable public access to all buckets in an account instead of doing so one bucket policy at a time. But, you had to turn BPA on and audit your accounts/buckets yourself to see if any were unintentionally open for public access.

ok! I like this game. Here's a personal favorite: prior to Nov'18, you had to carefully craft each S3 bucket policy to avoid ending up in the newspaper because you unintentionally made a bucket with important data open to the public.

Is this game off limits to employees? I could keep going. 😁

You used to have to secure the root creds of each account in AWS Organizations... but now you can just delete all the member account root creds. If you use Managed Active Directory, you had to manage (and pay for) an instance in every account.... but now you can just share a single instance.

I loved that anecdote, and it was new to me too! Singing her top hit that she had sung a billion times, no less.

Lighthouse at Lime Kiln State Park, San Juan Island, WA - with rocky shoreline

So many lovely things in this world. Lime Kiln State Park, San Juan Island, Washington

Imagine if all elections were like the primary in WA today. I received my ballot in the mail weeks ago, with a voter’s guide, automatically. I walked it to a drop box on Sunday - no postage needed. I got a text yesterday that my ballot was received, and it will be part of today’s initial results.