Securing AWS Resources with Cfn Nag

Analysing CloudFormation templates for security vulnerabilities

Developing software in the cloud, it’s becoming increasingly popular to provision resources using Infrastructure as Code (IaC). Within Amazon Web Services (AWS), we use AWS CloudFormation to request the required infrastructure and permissions to grant to our resources.

CloudFormation uses templates to define “stacks” — collections of resources — written either in JSON or YAML. These templates may be written directly, or generated by a…