Zaal 9

Sessions

KEY01

It's turtles all the way down

Room: Zaal 9 | Time: 09:00 | Duration: 90

Modularity might be the single most important concept in software design. But it goes way beyond software: modularity is a key concept in business, organizations, and even people. In this talk we will travel down many levels of modularity – from enterprises all the way to software methods. We will discuss interfaces, implementations, and the trade-offs of modularity. By the end of the talk, you will have a clear framework to consider modularity in all your systems.

Luc van Donkersgoed

Principal Engineer @ PostNL and AWS Serverless Hero

ACD402

Your AWS root credential set

Room: Zaal 9 | Time: 11:00 | Duration: 30

Is it secret? Is it safe? Managing the one credential set to rule them all comes with a considerable amount of effort. Even worse, AWS provides APIs to effectively privilege escalate a normal AWS admin role/user to root. What paths can a hacker take to completely takeover your AWS account, or even organization, and what mechanisms can you implement to combat this?

Carlo van Overbeek

Security DevOps Engineer Cloud

ACD312

Using IAM Roles Anywhere for free

Room: Zaal 9 | Time: 11:30 | Duration: 30

IAM Roles Anywhere is a great way to get temporary security credentials on on-premises, or mulit-cloud or edge devices. However the complexity of managing your own PKI or the cost of using an AWS Private CA might have stopped you from seriously considering it. In this session we will look at how IAM Roles anywhere works and why that means we can use low-cost solutions like a yubikey for authentication. Just for fun we’ll even use a Belgian Identity Card to access our AWS Account.

Ben Bridts

AWS Hero || AWS Technologist @ Cloudar

ACD302

Drowning in Security Alerts? Automating Security Posture Automation at Scale using Security Hub

Room: Zaal 9 | Time: 13:00 | Duration: 30

Drowning in security alerts from CVE Scans & EKS audit logs? Time to wear your Security Hat. Automate your security alerts - From Finding to Remediation. Learn how to build a global central custom security posture for a large enterprise using AWS Security Hub, Security Lake, EventBridge, Lambda, GuardDuty, and Inspector. This Level 300 deep-dive shows how to normalize Security Hub findings, optimize data for efficient querying, and automate response and remediation.

Masoom Tulsiani

AWS Community Builder

ACD309

Cloudflare + AWS: Advanced Integration Patterns & Production Pitfalls

Room: Zaal 9 | Time: 14:00 | Duration: 30

Learn how to integrate Cloudflare with AWS workloads through practical examples. We’ll cover Cloudflare fundamentals, edge caching, and analytics dashboards. Explore Zero Trust components including Access, Gateway, and Tunnels for private ALB access. See Terraform automation for managing Cloudflare rules and policies, plus API protection with WAF and rate limiting. We’ll discuss R2 object storage integration and cost optimization strategies for AWS workloads.

Alex Jeensma

Founder & Chief Platform Engineer @ ElasticScale

ACD301

Breaking the Security vs. Speed Trade-off with AWS Config

Room: Zaal 9 | Time: 15:00 | Duration: 60

Getting AWS Platforms just right is hard. You want to set tight permission policies, but developers still need to be able to do their job. You want to have an environment that is both secure and reliable, ensuring compliance while also giving developers the freedom to experiment and innovate. AWS Config is often the missing puzzle piece to solve this paradox. In this talk, I will demonstrate you can create synergy between providing Infrastructure as Code templates to support your developers, granting the right amount of permissions to enable them to do their job, and finally utilizing AWS Config to ensure everything remains within security constraints.

Steffan Norberhuis

Founder Rocketleap