Links:

• Azure’s continuing security woes
• The Meeting Owl videoconference device apparently had significant security problems 
• Brandon Sherman writes about how Temporal structures its access control strategy with regard to AWS 
• This week's S3 Bucket Negligence Award goes to Mobike.  
• Cloud Functions or Cloud Run launched from any GCP organization can bypass Google Kubernetes Engine (GKE) Authorized Networks restrictions
• Proof of someone migrating to SSO and disabling IAM users entirely. 
• AWS blog post about IAM policy types: How and when to use them
• Tailscale