| Links | https://bio.link/zoph |
| unusd.cloud | https://unusd.cloud |
Lately, I've realized that I've been working in the AWS space for nearly 10 years.
Everything began with this eye-opening moment at an AWSomeDay in Paris (Feb. 24, 2017). I was doing traditional System Engineering at that time, ordering and racking servers, dealing with networking cables, switches, and routers.
Since then, I’ve been working in AWS Infrastructure and Security. Fell in love with it.
I don't know (yet) what the next eye-opening moment would be.
IAMTrail now tracks AWS endpoint changes, sourced directly from the Official botocore AWS repository.
It reveals service expansions, new region launches, and new partitions - often before they're officially announced.
I've been collecting this data for 4+ years, so the full history is already there.
PS: You can also subscribe to these kinds of updates.
Enjoy!
Since 2019, I've been tracking every AWS Managed Policy change in a Git repository (MAMIP).
In the last few months, I've added:
- A Landing Page with search capabilities, stats
- Known Account Lookup based on the fwdcloudsec dataset
- Results of IAM Access Analyzer on these AWS Policies
Just added a new section to the MAMIP webapp to review findings from AWS IAM Access Analyzer on ALL AWS Managed Policies.
These capabilities can sometimes yield interesting results and may even spoil upcoming AWS capabilities, etc.
But please don’t take the errors too seriously; sometimes they’re normal and expected behaviour from AWS.
Happy to read your feedback on this.
Just added a new feature to MAMIP.
You can now search for known AWS accounts from the fwdcloudsec dataset.
Single webapp to look up AWS managed policy history, search known AWS account IDs, and more.
Give it a try.
A few days ago, I found the very first commit of https://unusd.cloud.
Back then it was called Instance-Watcher.
The whole logic fit in one screenshot. A simple Python function using boto3 to send a daily HTML table of running EC2 instances across all AWS regions.
The goal was simple: give ops teams visibility on what is actually running, and spot the unusual before the end of month AWS bill does.
7 years later, https://unusd.cloud has grown into a real FinOps SaaS:
- 700+ users
Coding in 2026 is like:
- Playing Starcraft with "Show me the money".
- \devmap q3tourney2 + \god in Q3.
- DNKROZ in Duke Nukem.
- IDDQD for Doom.
Your turn.
Just shipped a compagnon website for MAMIP, the tool that detects change made by AWS on IAM Managed Policy.
Let me know what do you think of this first version. I'm considering adding many new features in the next upcoming weeks.
I've put a focus on brand new policies shipped by AWS (VersionId = "v1").
Just 2 hours to go before fwd:cloudsec Europe kicks off here in Berlin! 🇩🇪
We’ve got an incredible lineup of speakers this year covering the latest in cloud security, from IAM and supply chain risks to practical defense strategies.
Check out the full schedule here: https://fwdcloudsec.org/conference/europe/schedule.html
Not in Berlin? No worries, you can join us live on YouTube: https://www.youtube.com/live/-a9Ts7AWT7I
It's going to be a packed day of sharp insights and real-world lessons for cloud security l33ts.
Since January, I've resumed running. It's part of my New Year's resolution: new gear and a more challenging routine after a seven-year pause and passing the 40-year milestone.
I'm now using Strava only to record my activities, and I've found a few cool FOSS initiatives that are game changers.
- Statistics for Strava, a self-hosted (On Synology) container with tons of stats, dashboards, everything well presented, and Private. (See screenshots)