Hello Chris and all,
At this point:
> - Inside EC2 instance metadata were the constantly rotating IAM EC2
>instance-role credentials that the WAF itself used to talk to AWS APIs
You would be in control, I would think. IAM's, subnets, and security groups
like up in the creation of a project. May
Getting off topic here but the Capital One data breach was not the
result of a cloud provider failure or cloud provider security hole. The
only audits that would have identified the problem would have been
client-side audits.
It was a failure of the "shared security model" where AWS is very
