Identify cross account roles and when they were last used. Determine which of those accounts are in the same organization. For ones not in the organization, ensure an External ID is used.
In Quick and Dirty: Building an S3 guardrail with Config we highlighted one of the big problems with Config: you need to set it up in each region of each account. Your best bet to make [...]
In How S3 Buckets Become Public, and the Fastest Way to Find Yours we reviewed the myriad of ways S3 buckets become public and where to look for them. Today I'll show the easiest way [...]