Fix CloudFormation, Pretty Please

Talking to a client and was reminded of these issues that still need to be addressed by CloudFormation

Teri Radichel
Cloud Security
Published in
11 min readJul 31, 2024

--

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

⚙️ Check out my series on Automating Cybersecurity Metrics. The Code.

🔒 Related Stories: CloudFormation | AWS Security | Cloud Security

💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

As I’ve written about before I love CloudFormation for it’s benefits — which are huge if you understand the underlying security implications. But it has issues. We can all love things or people with issues for the benefits they provide, but wouldn’t it be great if they could fix the issues?

I was just talking to a client today and decided to churn out this post to revisit the issues most of which we agree on. If AWS could fix these things, CloudFormation would be easier to use…

--

--

Teri Radichel
Cloud Security

CEO 2nd Sight Lab | Penetration Testing & Assessments | AWS Hero | Masters of Infosec & Software Engineering | GSE 240 etc | IANS | SANS Difference Makers Award