SRE/DevOps Weekly Issue #15

Hey Everyone, we are back again from our bi-weekly Newsletter. I have shared about AWS, security stuff , kubernetes and many more.

Announcements

I hereby initiate a podcast named “Tech Talks with Aju“ where we will be sharing amazing insights into their specific field with amazing people.

If you are interested to showcase your works or share your niche domain, feel free to contact with me. My DMs are open for it.

Interesting stuff

• I interviewed as a Security Engineer at tech giants, here's what I learned

• Children illustrated guide to Kubernetes

• 15 tips to ace the ckad and cka exam

• Scaling Kubernetes to 25000 nodes

• Malicious Kubernetes Helm Charts can be used to steal sensitive information from Argo CD deployments

Cloud Security

Here are the common vulnerabilities and security threats when we use AWS services.
- S3 bucket
  - directory traversal
  - insecure upload policy
  - Subdomain takeover 
  - misconfiguration
- Insecure lambda
- SSRF via multiple aws services
- Poorly configured security groups
- IAM issues
- Snapshots exposed to the Public

This post is being referenced from my LinkedIn post.

If you wanna share content related to DevOps/SRE in the upcoming newsletter list, feel free to get in touch on Twitter or my personal website. Feel free to share with your DevOps/SRE enthusiast.