cloud-security

Cloud IAM mistakes become high-impact quickly, so I keep policies narrow and resource-scoped. Wildcards are convenient until they become an incident report. The baseline question is always the same: what exact actions on what exact resources does this

Public cloud storage needs explicit safety rails because the defaults are not enough by themselves. I deny insecure transport, block public access at the account level, and scope principals tightly. Storage mistakes are still one of the easiest ways t