While the advantages of serverless are compelling for both individual developers and the business at large, there are a few things to consider in your journey. Unsurprisingly, security is at the top of the list. So, if you want to do it well, you can’t treat it as an afterthought.
Information security (infosec) is a broad field. Its practitioners behave more like artists than engineers, and the array of possibilities leading to infosec failure are vast.
Introducing stack.new to audit and visualize CloudFormation templates for best practices.
In this guide we'll take a look at the basics of IAM policies, just enough to understand best practices, and then look at some of the tools available to help us validate that our permissions follow best practices to secure our resources.