Issue #100

Monday · January 09, 2023

🥗 AWS security blogs

  • How to query and visualize Macie sensitive data discovery results with Athena and QuickSight — Amazon Macie is a fully managed data security service that uses machine learning and pattern matching to help you discover and protect sensitive data in Amazon Simple Storage Service (Amazon S3). With Macie, you can analyze objects in your S3 buckets to detect occurrences of sensitive data, such as personally identifiable information (PII), financial information, personal …
  • Updated whitepaper available: AWS Security Incident Response Guide — The AWS Security Incident Response Guide focuses on the fundamentals of responding to security incidents within a customer’s Amazon Web Services (AWS) Cloud environment. You can use the guide to help build and iterate on your AWS security incident response program. Recently, we updated the AWS Security Incident Response Guide …

🧁 IAM permission changes

  • ec2: 29 updated actions, 7 updated conditions — 29 updated actions: AuthorizeSecurityGroupEgress (resources), AuthorizeSecurityGroupIngress (resources), DescribeClientVpnAuthorizationRules (resources), DescribeClientVpnConnections (resources), DescribeClientVpnRoutes (resources), DescribeClientVpnTargetNetworks (resources), DescribeFleetHistory (resources), DescribeFleetInstances (resources), DescribeImageAttribute (resources), DescribeInstanceAttribute (resources), DescribeSnapshotAttribute (resources), DescribeSpotFleetInstances (resources), DescribeSpotFleetRequestHistory (resources), DescribeVolumeAttribute (resources), DisableAddressTransfer (resources), DisableFastLaunch (resources), EnableAddressTransfer (resources), EnableFastLaunch (resources), GetCoipPoolUsage (resources), GetConsoleScreenshot (resources), GetVpnConnectionDeviceSampleConfiguration (resources), ModifyInstanceCapacityReservationAttributes (resources), ModifySecurityGroupRules (resources), MoveByoipCidrToIpam …
  • iotroborunner: 29 removed actions, 5 removed resources, 5 removed conditions — 29 removed actions: CreateAction (Grants permission to create an action), CreateActionTemplate (Grants permission to create an action template), CreateActionTemplateDependency (Grants permission to create an action template dependency), CreateActivity (Grants permission to create an activity), CreateActivityDependency (Grants permission to create an activity dependency), CreateDestinationRelationship (Grants permission to create a destination relationship), …
  • autoscaling: 1 updated action — 1 updated action: CreateAutoScalingGroup (conditions)

🍪 API changes

  • AWS Audit Manager - 2 updated methods — This release introduces a new data retention option in your Audit Manager settings. You can now use the DeregistrationPolicy parameter to specify if you want to delete your data when you deregister Audit Manager.
  • AmplifyBackend - 1 updated method — Updated GetBackendAPIModels response to include ModelIntrospectionSchema JSON string
  • AWS App Runner - 6 updated methods — This release adds support for securely referencing secrets and configuration data that are stored in Secrets Manager and SSM Parameter Store by adding them as environment secrets in your App Runner service.
  • Amazon Connect Service - 2 updated methods — Documentation update for a new Initiation Method value in DescribeContact API
