unicrons.cloud's Avatar

unicrons.cloud

@unicrons.cloud.bsky.social

https://unicrons.cloud

11 Followers  |  10 Following  |  21 Posts  |  Joined: 06.02.2024  |  1.752

Latest posts by unicrons.cloud on Bluesky

WriteUp: Cloud Security Championship #1 - unicrons.cloud

New post! πŸ“° WriteUp: Cloud Security Championship #1

unicrons.cloud/en/2025/07/0...

07.07.2025 18:36 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Probably you don't know how we look like so this is us

30.06.2025 21:44 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

We're at @fwdcloudsec.org and we have stickers. I do not know what else to say so just find us (or the stickers we left around πŸ˜‚)

30.06.2025 21:44 β€” πŸ‘ 0    πŸ” 2    πŸ’¬ 1    πŸ“Œ 0
IAM policy mishaps: Case 2 - SNS - unicrons.cloud

Pensabais que nos habΓ­amos olvidado de la serie de IAM? Bueno, pues es correcto. PerdΓ³n por el retraso, pero aquΓ­ estamos de nuevo.

Hoy como estrella invitada: SNS ⭐️

unicrons.cloud/es/2025/02/2...

10.03.2025 11:13 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
IAM policy mishaps: Case 2 - SNS - unicrons.cloud

Did you think we had forgotten about the IAM series? Well, you were right. Sorry for the delay, but here we are again.

Today SNS as starring guest. ⭐️

unicrons.cloud/en/2025/02/2...

10.03.2025 11:13 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 1    πŸ“Œ 0
Post image

Do you agree with this chatGPT definition of "misconfiguration" in a cloud security context?

How would you define it?

01.03.2025 11:02 β€” πŸ‘ 0    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
Preview
Awseye - See Inside AWS Accounts Awseye tracks publicly accessible AWS data to help identify and secure known and exposed AWS resources. Empowering defenders with open-source intelligence.

The self described β€œShodan of AWS” is now live! This is an amazing project from Daniel Grzelak that helps democratize cloud resource enumeration for the masses. Very excited about this!
awseye.com

26.11.2024 02:31 β€” πŸ‘ 73    πŸ” 35    πŸ’¬ 2    πŸ“Œ 3
Post image

In one hour we will be talking about Cloud Security in #AWSCommunityDaySpain 😬

PD: we have stickers... πŸ¦„

19.10.2024 10:18 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

On our way to #AWSCommunityDaySpain πŸš† to talk about how to build your own CSPM with @steampipeio, AWS SecurityHub and AWS Organizations.

18.10.2024 08:31 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Deploy IAM Roles across an AWS Organization as code - unicrons.cloud

Do you have a tool that needs permissions across all your AWS accounts? Do you want to manage it using IaC? Check out our latest post! https://unicrons.cloud/en/2024/10/14/deploy-iam-roles-across-an-aws-organization-as-code/

14.10.2024 12:46 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
Post image

Here we go! @fwdcloudsec

17.09.2024 07:15 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
WriteUp: Cloud Village CTF 2024 - unicrons.cloud

You know us, if we see a scoreboard, there we go. And last weekend, we weren't at #defcon32, but we didn't miss the opportunity to participate in the @cloudvillage_dc CTF😬

Here we you have the 5 challenges we were able to solve:
https://unicrons.cloud/en/2024/08/13/writeup-cloud-village-ctf-2024/

13.08.2024 17:53 β€” πŸ‘ 1    πŸ” 2    πŸ’¬ 0    πŸ“Œ 0
unicrons.cloudIAM policy mishaps: Case 1 - S3IAM policy mishaps: Intro to IAM

Y aquΓ­ tenΓ©is el enlace del feed en espaΓ±ol: https://unicrons.cloud/es/feed.xml

22.06.2024 15:58 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
unicrons.cloudIAM policy mishaps: Case 1 - S3IAM policy mishaps: Intro to IAM

We have just enabled the RSS feed on our blog. You can subscribe here: https://unicrons.cloud/en/feed.xml

22.06.2024 15:57 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
AWS JSON policy elements: Principal - AWS Identity and Access ManagementAWS JSON policy elements: Principal - AWS Identity and Access Management Describes the Principal element of the AWS JSON policy language.

Because if you add an ARN as `Principal`, it must exists and will generate a unique ID. You can find more information in the following AWS docs, either way if someone can recreate your roles without your authorization, you have a bigger issue.
docs.aws.amazon.com/IAM/latest/U...

16.06.2024 12:21 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0

Extra bit we didn't include in the post: The source roles are included under the `aws:PrincipalArn` condition to avoid losing access if we recreate the roles. Why don't add them as `Principal`?

16.06.2024 12:21 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 1    πŸ“Œ 0
IAM policy mishaps: Case 1 - S3 - unicrons.cloud

TambiΓ©n puedes leerlo en EspaΓ±ol aquΓ­:
unicrons.cloud/es/2024/06/0...

01.06.2024 15:38 β€” πŸ‘ 0    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0
IAM policy mishaps: Case 1 - S3 - unicrons.cloud

It's been a while but the new episode of our IAM series is out! Let's talk about S3:
https://unicrons.cloud/en/2024/06/01/iam-policy-mishaps-case-1---s3/

01.06.2024 15:27 β€” πŸ‘ 1    πŸ” 2    πŸ’¬ 1    πŸ“Œ 1

TambiΓ©n puedes leerlo en EspaΓ±ol aquΓ­
unicrons.cloud/es/2024/02/2...

23.02.2024 14:25 β€” πŸ‘ 1    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
IAM policy mishaps: Intro to IAM - unicrons.cloud

We just launched unicrons.cloud. Check out our first blog post! IAM intro from our Sh3llCON talk, first episode of the series. unicrons.cloud/en/2024/02/2...

23.02.2024 13:49 β€” πŸ‘ 3    πŸ” 2    πŸ’¬ 0    πŸ“Œ 1

@unicrons.cloud is following 10 prominent accounts