I'm struggling to see how this "exercise" warrants a blog post when it simply rehashes AWS security practices.