John: “Hey Eric, I need to access project-xyz dev account! Can you help me in some way?” Me: “Sure, but what kind of access do you need?” John:

If you ever wanted to understand how an AWS multi-account strategy works, you’re in the right place! In this blog post, we’ll explore a bottom-up approach where we’ll see how to secure your single AWS account and then move to a multi-account organization with a fun take. One box to rule them all So, first of…

If you need to clarify what are the different kinds of AWS Credentials available, how they’re generated, what they’re used for, and what are the best practices to manage them in a proper way, I think you landed in the right spot! Spoiler: we’re going to focus on programmatic access…

The cloud environment is fragmented. We know it; AWS makes no exception! While the AWS CLI already allows managing multiple accounts, the console experience is still far behind: it allows one connected session per browser instance by default. This is a great downfall when one frequently changes between accounts, which is normally part of the daily routine of CloudOps. So you may…

An AWS Community Builder guide to enjoying the biggest AWS event at the best Today, I want to share with you the sessions and events I’m more excited about as an AWS Community builder with a focus on the best way to operate securely in AWS. Launched in 2012, re:Invent is the annual developer conference hosted by Amazon Web Services. With more than 60000…

Introduction Ever wanted to create and use your personal AWS Federation with Google as an IdP in a programmatic way? This short article will surely come to the rescue, introducing some of the features of Leapp CLI. Let’s start! Prerequisites AWS Account access with adeguate IAM privileges Google Suite access with Admin…

In the last two weeks, we had a few problems with the Windows certificate of our open-source project Leapp. In the spirit of complete transparency, I'll try to highlight what went wrong and why. Many thanks to Alessandro Gaggia for the support in writing this. Introduction As many of you are…

From Ben Kehoe thread to an OSS tool for the on-demand credentials generation To me, Everything started with this Twitter thread and from that article, by Ben Kehoe: When dealing with CLI or SDKs, we are already used to putting IAM credentials in the .aws/credentials file. However, as correctly stated cluttering the credentials file with many credentials is not the right move…