Issue #103
Monday · January 30, 2023
π₯ AWS security blogs
- Visualize AWS WAF logs with an Amazon CloudWatch dashboard β AWS WAF is a web application firewall service that helps you protect your applications from common exploits that could affect your applicationβs availability and your security posture. One of the most useful ways to detect and respond to malicious web activity is to collect and analyze AWS WAF logs. You β¦
- How to run AWS CloudHSM workloads in container environments β January 25, 2023: We updated this post to reflect the fact that CloudHSM SDK3 does not support serverless environments and we strongly recommend deploying SDK5. AWS CloudHSM provides hardware security modules (HSMs) in the AWS Cloud. With CloudHSM, you can generate and use your own encryption keys in the AWS β¦
- United Arab Emirates IAR compliance assessment report is now available with 58 services in scope β Amazon Web Services (AWS) is pleased to announce the publication of our compliance assessment report on the Information Assurance Regulation (IAR) established by the Telecommunications and Digital Government Regulatory Authority (TDRA) of the United Arab Emirates. The report covers the AWS Middle East (UAE) Region, with 58 services in scope β¦
- How to improve security incident investigations using Amazon Detective finding groups β Uncovering the root cause of an Amazon GuardDuty finding can be a complex task, requiring security operations center (SOC) analysts to collect a variety of logs, correlate information across logs, and determine the full scope of affected resources. Sometimes you need to do this type of in-depth analysis because investigating β¦
π Reddit threads on r/aws
- AWS launches a new Region in Melbourne, Australia.
- Amazon VPC IP Address Manager (IPAM) now manages IP Addresses in your network outside your AWS Organization
- Accidentally put 500k maximum wcu for provisioned dynamodb β I messed up and saved a 500k max wcu for provisioned dynamodb setting. I realized it 5 min after and immediately deleted the table. The estimated monthly cost is 278k and hourly 1.5k. Will I get charged for 1.5k even though I deleted the table 5 min later? I think β¦
- I took the AWS Purity Test, I think I may spend too much time in AWSβ¦.
π Newsletters
π "AWS Security" on Google News
π AWS IP Ranges Updates
- AWS IP Ranges update for 2023-01-18 02:43:06 β Changed by +128 Added 13.34.89.64/26 Added 13.34.89.128/26
- AWS IP Ranges update for 2023-01-18 04:13:06 β Changed by +64 Added 13.34.89.192/26
π§ IAM permission changes
- dynamodb: 2 new actions, 1 new condition | 2 updated actions, 2 updated conditions β 2 new actions: DescribeEndpoints (Grants permission to return the regional endpoint information), UpdateGlobalTableVersion (Grants permission to update version of the specified global table); 1 new condition: aws:TagKeys (Filters access by using a condition in IAM policies to control whether specific tag keys can be used on a resource or in β¦
- connect: 1 updated action β 1 updated action: StartChatContact (resources, conditions)
- iot: 1 new action β 1 new action: ListRelatedResourcesForAuditFinding (Grants permission to list related resources for a single audit finding)
πͺ API changes
- AWS MediaTailor - 1 new 2 updated methods β This release introduces the As Run logging type, along with API and documentation updates.
- AWS Outposts - 2 updated methods β Adding support for payment term in GetOrder, CreateOrder responses.
- Amazon SageMaker Runtime - 1 updated methods β This release supports running SageMaker Training jobs with container images that are in a private Docker registry.
- Amazon SageMaker Service - 3 updated methods β This release supports running SageMaker Training jobs with container images that are in a private Docker registry.
