Cloud Attack Surface
Cloud Attack Surface: serverless event injection
Explores event-driven abuse in managed queues and functions, with emphasis on least-privilege tuning and reconciliation after test bursts.
Description
Participants chain misconfigured triggers inside a sandbox account that resets hourly. You will practice writing concise postmortems that separate test noise from genuine control gaps, a skill hiring managers explicitly request.
Features
- Queue poisoning scenario with automatic rollback
- Pair programming on IAM condition keys for VPC endpoints
- Session on mapping decentralized protocol adjacent triggers safely
- Mentor review of timing diagrams for burst traffic tests
- Appendix on cloud cost ops signals that reveal forgotten triggers
Outcomes
- Identify three risky event sources in the provided serverless stack
- Author a rollback runbook segment for platform SREs
- Deliver a five-slide verbal brief with diagrams only—no bullet walls
FAQ
Is multicloud included?
Primary labs are AWS Lambda and SQS shaped; concepts map to Azure Functions with mentor guidance.
Bandwidth expectations?
Expect up to 3 GB download on day zero for container images.
What is not promised?
We cannot guarantee mentor availability on local Japanese holidays; check the cohort calendar.
Participant notes
Serverless event injection storyline referenced our own activity log exports, which made the debrief template immediately reusable.
— Hannah Lee , SRE · Lumen Arcade · 5/5 · survey
Advanced pacing meant some nights ran long if you chased optional challenges—worth it but plan sleep accordingly.
— Victor Alam