Andoni A.
@andoniaf.unicrons.cloud
Cloud Security Engineer.
Writing about cloud security at unicrons.cloud.
Writing about cloud security at unicrons.cloud.
Reposted by Andoni A.
Whoa, this seems like a hell of a re:invent announcement that leaked too early:
www.youtube.com/watch?v=Q2Zp...
www.youtube.com/watch?v=Q2Zp...
November 21, 2025 at 4:09 AM
Whoa, this seems like a hell of a re:invent announcement that leaked too early:
www.youtube.com/watch?v=Q2Zp...
www.youtube.com/watch?v=Q2Zp...
Reposted by Andoni A.
🚀 ¡Nuevo meetup del AWS User Group Sevilla!
Este mes hablamos de seguridad en la nube con AWS 🔐 y de cómo Prowler ayuda a auditar y reforzar tus cuentas AWS.
📅 29 oct, 19:00h · 📍Espacio RES
👉 www.meetup.com/aws-user-gro...
#AWS #CloudSecurity #Prowler #Sevilla
Este mes hablamos de seguridad en la nube con AWS 🔐 y de cómo Prowler ayuda a auditar y reforzar tus cuentas AWS.
📅 29 oct, 19:00h · 📍Espacio RES
👉 www.meetup.com/aws-user-gro...
#AWS #CloudSecurity #Prowler #Sevilla
October 10, 2025 at 11:44 AM
🚀 ¡Nuevo meetup del AWS User Group Sevilla!
Este mes hablamos de seguridad en la nube con AWS 🔐 y de cómo Prowler ayuda a auditar y reforzar tus cuentas AWS.
📅 29 oct, 19:00h · 📍Espacio RES
👉 www.meetup.com/aws-user-gro...
#AWS #CloudSecurity #Prowler #Sevilla
Este mes hablamos de seguridad en la nube con AWS 🔐 y de cómo Prowler ayuda a auditar y reforzar tus cuentas AWS.
📅 29 oct, 19:00h · 📍Espacio RES
👉 www.meetup.com/aws-user-gro...
#AWS #CloudSecurity #Prowler #Sevilla
Reposted by Andoni A.
Thanks to folks including @frichetten.com for feedback about our Bedrock API key launch. We're listening. Yesterday, we updated Bedrock and IAM docs (see docs.aws.amazon.com/bedrock/late...) to clarify that these are service-specific credentials and how to prevent their use in your environment. 1/2
September 6, 2025 at 12:39 AM
Thanks to folks including @frichetten.com for feedback about our Bedrock API key launch. We're listening. Yesterday, we updated Bedrock and IAM docs (see docs.aws.amazon.com/bedrock/late...) to clarify that these are service-specific credentials and how to prevent their use in your environment. 1/2
Reposted by Andoni A.
And we couldn't let August end without publishing our writeups for the @cloudvillage-dc.bsky.social CTF at @defcon.bsky.social
unicrons.cloud/en/2025/08/3...
unicrons.cloud/en/2025/08/3...
WriteUp: Cloud Village CTF DEFCON 33 - unicrons.cloud
unicrons.cloud
August 31, 2025 at 8:40 AM
And we couldn't let August end without publishing our writeups for the @cloudvillage-dc.bsky.social CTF at @defcon.bsky.social
unicrons.cloud/en/2025/08/3...
unicrons.cloud/en/2025/08/3...
Reposted by Andoni A.
Wiz already released the new challenge for this month, so it is time to show how we solved the previous one!
We always wanted to dig more about containers escaping, so it was a perfect opportunity to learn.
unicrons.cloud/en/2025/08/1...
We always wanted to dig more about containers escaping, so it was a perfect opportunity to learn.
unicrons.cloud/en/2025/08/1...
WriteUp: Cloud Security Championship #2 - Contain Me If You Can - unicrons.cloud
unicrons.cloud
August 28, 2025 at 7:34 PM
Wiz already released the new challenge for this month, so it is time to show how we solved the previous one!
We always wanted to dig more about containers escaping, so it was a perfect opportunity to learn.
unicrons.cloud/en/2025/08/1...
We always wanted to dig more about containers escaping, so it was a perfect opportunity to learn.
unicrons.cloud/en/2025/08/1...
Reposted by Andoni A.
Major shout out to @andoniaf.unicrons.cloud for adding three new privilege escalation techniques to the Hacking the Cloud catalog! Contributions like this make everything possible.
hackingthe.cloud/aws/exploita...
hackingthe.cloud/aws/exploita...
AWS IAM Privilege Escalation Techniques - Hacking The Cloud
Common techniques that can be leveraged to escalate privileges in an AWS account.
hackingthe.cloud
August 21, 2025 at 3:24 PM
Major shout out to @andoniaf.unicrons.cloud for adding three new privilege escalation techniques to the Hacking the Cloud catalog! Contributions like this make everything possible.
hackingthe.cloud/aws/exploita...
hackingthe.cloud/aws/exploita...
Do you want to build "the perfect pipeline"?
@Paco_S and I will present "Level Up Your CI/CD: Building a secure pipeline with OSS" workshop at @cloudvillage-dc.bsky.social @defcon.bsky.social 🚀
@Paco_S and I will present "Level Up Your CI/CD: Building a secure pipeline with OSS" workshop at @cloudvillage-dc.bsky.social @defcon.bsky.social 🚀
July 15, 2025 at 11:08 AM
Do you want to build "the perfect pipeline"?
@Paco_S and I will present "Level Up Your CI/CD: Building a secure pipeline with OSS" workshop at @cloudvillage-dc.bsky.social @defcon.bsky.social 🚀
@Paco_S and I will present "Level Up Your CI/CD: Building a secure pipeline with OSS" workshop at @cloudvillage-dc.bsky.social @defcon.bsky.social 🚀
Reposted by Andoni A.
We're at @fwdcloudsec.org and we have stickers. I do not know what else to say so just find us (or the stickers we left around 😂)
June 30, 2025 at 9:45 PM
We're at @fwdcloudsec.org and we have stickers. I do not know what else to say so just find us (or the stickers we left around 😂)
Reposted by Andoni A.
Is your boss telling you to reduce the bill? Then this meetup is perfect for you!
FinOps for Engineers: How to create real impact in your organization 💸
with Ernesto Suarez, CEO at @GlassityStartup
🗓Thu, June 12
⏰18:30h
📍@FlywireEng
office
📝RSVP: www.meetup.com/aws-valencia...
FinOps for Engineers: How to create real impact in your organization 💸
with Ernesto Suarez, CEO at @GlassityStartup
🗓Thu, June 12
⏰18:30h
📍@FlywireEng
office
📝RSVP: www.meetup.com/aws-valencia...
FinOps for Engineers: How to create real impact in your organization, Thu, Jun 12, 2025, 6:30 PM | Meetup
**Talk: "FinOps for Engineers: How to create real impact in your organization"**
Learn about FinOps culture from the engineering point of view and how to create a positive
www.meetup.com
June 9, 2025 at 3:28 PM
Is your boss telling you to reduce the bill? Then this meetup is perfect for you!
FinOps for Engineers: How to create real impact in your organization 💸
with Ernesto Suarez, CEO at @GlassityStartup
🗓Thu, June 12
⏰18:30h
📍@FlywireEng
office
📝RSVP: www.meetup.com/aws-valencia...
FinOps for Engineers: How to create real impact in your organization 💸
with Ernesto Suarez, CEO at @GlassityStartup
🗓Thu, June 12
⏰18:30h
📍@FlywireEng
office
📝RSVP: www.meetup.com/aws-valencia...
"100% serverless Certificate Authority on AWS, only $50/year"
Never thought I would hear all these words together😅
But it's true, go check this amazing project serverlessca.com by @paulschwarzen
Never thought I would hear all these words together😅
But it's true, go check this amazing project serverlessca.com by @paulschwarzen
Serverless CA on AWS
Serverless CA in AWS with FIPS 140-2 level 3 CA key storage and cost typically under $5 per month
serverlessca.com
April 8, 2025 at 5:54 PM
"100% serverless Certificate Authority on AWS, only $50/year"
Never thought I would hear all these words together😅
But it's true, go check this amazing project serverlessca.com by @paulschwarzen
Never thought I would hear all these words together😅
But it's true, go check this amazing project serverlessca.com by @paulschwarzen
Vaya, parece que @colibid también retransmite partidos de futbol de forma "ilegal"...
April 6, 2025 at 2:13 PM
Vaya, parece que @colibid también retransmite partidos de futbol de forma "ilegal"...
Reposted by Andoni A.
Psychological safety is NOT about lack of disagreement.
Psychological safety REQUIRES:
* disagreement and debate
* setting standards for behavior and performance, and enforcing them
* telling people things they don't want to hear
* courage, from the bottom up
* humility, from the top down
Psychological safety REQUIRES:
* disagreement and debate
* setting standards for behavior and performance, and enforcing them
* telling people things they don't want to hear
* courage, from the bottom up
* humility, from the top down
Controversial take: teams that never argue are often the most dysfunctional ones.
Here's why your team should be fighting more.
terriblesoftware.org/2025/03/12/w...
Here's why your team should be fighting more.
terriblesoftware.org/2025/03/12/w...
Why Your ‘Harmonious’ Team Is Actually Failing
Teams often confuse psychological safety with everyone getting along perfectly. I see leaders bragging about teams where nobody ever raises their voice, where meetings wrap up with everyone nodding…
terriblesoftware.org
March 13, 2025 at 11:07 PM
Psychological safety is NOT about lack of disagreement.
Psychological safety REQUIRES:
* disagreement and debate
* setting standards for behavior and performance, and enforcing them
* telling people things they don't want to hear
* courage, from the bottom up
* humility, from the top down
Psychological safety REQUIRES:
* disagreement and debate
* setting standards for behavior and performance, and enforcing them
* telling people things they don't want to hear
* courage, from the bottom up
* humility, from the top down
I've been accepted as Security AWS Community Builder 🎉 🎉
That means more AWS Cloud Security stuff is coming! 🙌
#AWSCommunity
That means more AWS Cloud Security stuff is coming! 🙌
#AWSCommunity
March 5, 2025 at 8:35 PM
I've been accepted as Security AWS Community Builder 🎉 🎉
That means more AWS Cloud Security stuff is coming! 🙌
#AWSCommunity
That means more AWS Cloud Security stuff is coming! 🙌
#AWSCommunity
Do you agree with this chatGPT definition of "misconfiguration" in a cloud security context?
How would you define it?
How would you define it?
March 1, 2025 at 11:02 AM
Do you agree with this chatGPT definition of "misconfiguration" in a cloud security context?
How would you define it?
How would you define it?
Reposted by Andoni A.
Want to foster a cost-conscious culture in your DevOps team?
We loved this Reddit post (300+ upvotes) about a startup cutting its cloud bill by 40% in weeks by fostering a culture of cost / waste awareness.
We loved this Reddit post (300+ upvotes) about a startup cutting its cloud bill by 40% in weeks by fostering a culture of cost / waste awareness.
February 24, 2025 at 4:30 PM
Want to foster a cost-conscious culture in your DevOps team?
We loved this Reddit post (300+ upvotes) about a startup cutting its cloud bill by 40% in weeks by fostering a culture of cost / waste awareness.
We loved this Reddit post (300+ upvotes) about a startup cutting its cloud bill by 40% in weeks by fostering a culture of cost / waste awareness.
