AWS Security, built for APRA-regulated Australia
CPS 234, CPS 230, the Cyber Security Act’s ransomware reporting, and FAR’s personal accountability mean your board now needs demonstrable, current evidence on AWS — and the existing tooling is either four years stale or thousands a month.
Big Data engineer? The free tools are still here →
15+ years platform engineering · enterprise data security at MNC scale · AWS Solutions Architect & AWS Security Specialty certified
Stay current
Map controls to real AWS services
Board-ready evidence
Featured writing
All posts →Why Your YARN Containers Keep Getting OOM-Killed
The virtual memory check is unstable and platform-dependent. Here's exactly when to disable it and what to set instead.
Kafka ACL Patterns That Actually Work in Production
Forget the textbook examples. Here are the ACL matrices we use at scale across multiple environments.
Building in the open
cps234-aws-config-packUpdated CPS 234 / CPS 230 conformance pack for AWS Config
aiopsone-au-landing-zoneTerraform for a CPS 234-aligned landing zone + Essential Eight ML3
steampipe-mod-aws-compliance-apraA Steampipe/Powerpipe APRA compliance mod
apra-compliance-narratorAI tool: AWS findings → APRA-paragraph narrative reports
Before AWS Security, I spent years running Kafka, Hadoop and CDP at scale. Those free tools — the YARN calculator, HDFS planner, Spark sizer and queue designer — are still live and still free. Use the Big Data tools →
Get the CPS 234 → AWS Controls cheatsheet
A practitioner mapping of every APRA CPS 234 control to the real AWS services that satisfy it. Free — straight to your inbox.
No spam. Unsubscribe anytime. See our privacy policy.