---
title: "Inadvertent Compliance Week"
id: "13064"
type: "podcast"
slug: "inadvertent-compliance-week"
published_at: "2022-09-29T10:00:00+00:00"
modified_at: "2023-03-13T17:58:15+00:00"
url: "https://www.lastweekinaws.com/podcast/aws-morning-brief/inadvertent-compliance-week/"
markdown_url: "https://www.lastweekinaws.com/podcast/aws-morning-brief/inadvertent-compliance-week.md"
taxonomy_shows:
  - "Last Week In AWS"
---

About the Author Corey is the Chief Cloud Economist at Duckbill, where he specializes in helping companies improve their AWS bills by making them smaller and less horrifying. He also hosts the "Screaming in the Cloud" and "AWS Morning Brief" podcasts; and curates "Last Week in AWS," a weekly newsletter summarizing the latest in AWS news, blogs, and tools, sprinkled with snark and thoughtful analysis in roughly equal measure.

[https://podcasts.apple.com/us/podcast/aws-morning-brief/id1466344305](https://podcasts.apple.com/us/podcast/aws-morning-brief/id1466344305)

[https://overcast.fm/itunes1466344305/aws-morning-brief](https://overcast.fm/itunes1466344305/aws-morning-brief)

[https://pca.st/AKs0](https://pca.st/AKs0)

[https://podcastaddict.com/podcast/2382583](https://podcastaddict.com/podcast/2382583)

[https://open.spotify.com/show/3A04JNrNAcZMvn8cvDWpWU](https://open.spotify.com/show/3A04JNrNAcZMvn8cvDWpWU)

[https://feeds.transistor.fm/aws-morning-brief](https://feeds.transistor.fm/aws-morning-brief)

## Episode Summary

Last week in security news: An upcoming ACM certificate change, The Challenges of Assessing Kubernetes clusters for PCI Compliance, a helpful blog post from Tailscale, and more!

## Episode Show Notes & Transcript

**Links:**

- [The Challenges of Assessing Kubernetes clusters for PCI Compliance](https://raesene.github.io/blog/2022/09/20/Assessing-Kubernetes-Clusters-for-PCI-Compliance/) .
- Tailscale released a post titled [What we learned (and can share) from passing our SOC 2 Type II audit](https://tailscale.com/blog/soc2-type2/) that is absolutely worth your time and attention.
- Our friends at Wiz discovered a vulnerability in Oracle Cloud’s security where [you could mount other customers' EBS volumes simply by asking the API to do so](https://www.wiz.io/blog/attachme-oracle-cloud-vulnerability-allows-unauthorized-cross-tenant-volume-access) .
- From the Mouth of AWS Horse: [Announcing an update to IAM role trust policy behavior](https://aws.amazon.com/blogs/security/announcing-an-update-to-iam-role-trust-policy-behavior/)
- In the world of tools, AWS has launched its [rolesanywhere-credential-helper](https://github.com/aws/rolesanywhere-credential-helper)

 View Full Transcript  Hide Full Transcript

## You might also like

[More Podcast Episodes](https://www.lastweekinaws.com/podcast/aws-morning-brief/)