SRE Weekly Issue #358 • [tl;dr sec] #167 - SBOM, Scaling Security Alert Management • AWS AppSync - 4 updated methods • AWS CloudTrail - 6 new, 1 updated methods • AWS CloudTrail Data Service - 1 new method • CodeArtifact - 1 new method • Define a custom session duration and terminate active sessions in IAM Identity Center • How to set up ongoing replication from your third-party secrets manager to AWS Secrets Manager • Reduce risk by implementing HttpOnly cookie authentication in Amazon API Gateway • AWS achieves ISO 20000-1:2018 certification for 109 services


Monday 6 February, 2023

🐿 In a nutshell

Twitter's free API access is ending on February 9th (this week), and I rely on it for my army of AWS tweeting bots.

It's time to make a decision: pay for access with crowdsourcing, or retire the bots from Twitter.

What do you think is the best approach? Answer here

📊 Poll of the week

Q: From AWS Cert Security Exam sample: A Security Engineer has been informed that a user’s access key has been found on GitHub. The Engineer must ensure that this access key cannot continue to be used, and must assess whether the access key was used to perform any unauthorized activities. What steps must be taken to perform these tasks?

🗳Vote here

Past week's poll: Q: What is the maximum number of access keys you can generate for a single IAM user?

Answer: 2 (14/19 votes)

AWS AppSync - 4 updated methods
Jan 31
This release introduces the feature to support EventBridge as AppSync data source.
AWS CloudTrail - 6 new, 1 updated methods
Jan 31
Add new "Channel" APIs to enable users to manage channels used for CloudTrail Lake integrations, and "Resource Policy" APIs to enable users to manage the resource-based permissions policy attached to a channel.
AWS CloudTrail Data Service - 1 new method
Jan 31
Add CloudTrail Data Service to enable users to ingest activity events from non-AWS sources into CloudTrail Lake.
CodeArtifact - 1 new method
Jan 31
This release introduces a new DeletePackage API, which enables deletion of a package and all of its versions from a repository.
Define a custom session duration and terminate active sessions in IAM Identity Center
Ron Cully · Jan 31
Managing access to accounts and applications requires a balance between delivering simple, convenient access and managing the risks associated with active user sessions. Based on your organization’s needs, you might want to make it simple for end users to sign in and to operate long enough to get their work …
How to set up ongoing replication from your third-party secrets manager to AWS Secrets Manager
Laurens Brinker · Jan 31
Secrets managers are a great tool to securely store your secrets and provide access to secret material to a set of individuals, applications, or systems that you trust. Across your environments, you might have multiple secrets managers hosted on different providers, which can increase the complexity of maintaining a consistent …
Reduce risk by implementing HttpOnly cookie authentication in Amazon API Gateway
Marc Borntraeger · Jan 30
Some web applications need to protect their authentication tokens or session IDs from cross-site scripting (XSS). It’s an Open Web Application Security Project (OWASP) best practice for session management to store secrets in the browsers’ cookie store with the HttpOnly attribute enabled. When cookies have the HttpOnly attribute set, the …
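The pattern the post describes, as an added example (not code from the AWS blog post): a Lambda behind an API Gateway HTTP API (payload format v2) issues the session token only in a cookie carrying HttpOnly, Secure and SameSite, so page scripts cannot read it, and a simple-response Lambda authorizer validates that cookie on later requests. The cookie name, the HMAC signing scheme and the in-memory session store are assumptions for illustration; a deployment would keep the key in KMS or Secrets Manager and the sessions in a real store.

```python
"""Added example: HttpOnly session cookie issued and validated by Lambda
functions behind an API Gateway HTTP API (payload v2). Not the blog post's
code; SESSION_COOKIE, the signing scheme and _SESSIONS are assumptions."""
import hashlib
import hmac
import secrets
from http.cookies import SimpleCookie
from typing import Optional

SESSION_COOKIE = "session"             # assumed cookie name
SIGNING_KEY = secrets.token_bytes(32)  # assumed per-deployment key (use KMS/Secrets Manager in practice)
_SESSIONS: dict = {}                   # constructed in-memory store: session_id -> user


def _sign(session_id: str) -> str:
    """HMAC-SHA256 over the session id so a forged id is rejected before any lookup."""
    return hmac.new(SIGNING_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def issue_session(user: str) -> str:
    """Create a session and return the opaque cookie value '<id>.<signature>'."""
    session_id = secrets.token_urlsafe(32)  # url-safe alphabet, never contains '.'
    _SESSIONS[session_id] = user
    return f"{session_id}.{_sign(session_id)}"


def login_response(user: str) -> dict:
    """Login handler response: the token travels only in an HttpOnly cookie, not in the body.

    HttpOnly keeps document.cookie from exposing it to injected scripts; Secure restricts it
    to HTTPS; SameSite=Strict stops cross-site requests from carrying it; Max-Age bounds its life.
    """
    value = issue_session(user)
    cookie = f"{SESSION_COOKIE}={value}; HttpOnly; Secure; SameSite=Strict; Path=/; Max-Age=3600"
    # HTTP API payload v2 takes Set-Cookie values in a top-level 'cookies' list.
    return {"statusCode": 204, "cookies": [cookie]}


def _verify(value: str) -> Optional[str]:
    """Return the user for a well-formed, correctly signed, known session; otherwise None."""
    session_id, sep, sig = value.rpartition(".")
    if not sep or not hmac.compare_digest(sig, _sign(session_id)):
        return None
    return _SESSIONS.get(session_id)


def authorize(event: dict) -> dict:
    """Simple-response Lambda authorizer: reads the request cookies, never a body or query token."""
    jar = SimpleCookie()
    for raw in event.get("cookies", []):  # payload v2 delivers request cookies as 'name=value' strings
        jar.load(raw)
    morsel = jar.get(SESSION_COOKIE)
    user = _verify(morsel.value) if morsel else None
    if user is None:
        return {"isAuthorized": False}
    return {"isAuthorized": True, "context": {"user": user}}


if __name__ == "__main__":
    resp = login_response("alice")
    browser_cookie = resp["cookies"][0].split(";")[0]  # what the browser sends back: name=value only
    print(resp["cookies"][0])
    print(authorize({"cookies": [browser_cookie]}))
    print(authorize({"cookies": ["session=forged.deadbeef"]}))
```

The authorizer deliberately accepts the token from the Cookie header only; keeping a fallback that also reads it from a query string or JSON body would reintroduce exactly the exposure HttpOnly is meant to remove.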
AWS achieves ISO 20000-1:2018 certification for 109 services
Rodrigo Fiuza · Jan 30
We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce that AWS Regions and AWS Edge locations are now certified by the International Organization for Standardization (ISO) 20000-1:2018 standard. This certification demonstrates our continuous commitment to adhere to the heightened …
cloudtrail-data: 1 new action, 1 new resource, 3 new conditions
Feb 4
1 new action: PutAuditEvents (Grants permission to ingest your application events into CloudTrail Lake); 1 new resource: channel; 3 new conditions: aws:RequestTag/${TagKey} (Filters access by a tag's key and value in a request), aws:ResourceTag/${TagKey} (Filters actions based on the presence of tag key-value pairs in the request), aws:TagKeys (Filters access …
kinesisvideo: 4 new actions
Feb 4
4 new actions: DescribeMappedResourceConfiguration (Grants permission to describe the resource mapped to the Kinesis video stream), DescribeMediaStorageConfiguration (Grants permission to describe the media storage configuration of a signaling channel), JoinStorageSession (Grants permission to join a storage session for a channel), UpdateMediaStorageConfiguration (Grants permission to create or update a mapping between …
cloudtrail: 6 new actions | 1 updated resource, 3 updated actions
Feb 2
6 new actions: CreateChannel (Grants permission to create a channel), DeleteChannel (Grants permission to delete a channel), DeleteResourcePolicy (Grants permission to delete a resource policy from the provided resource), GetResourcePolicy (Grants permission to get the resource policy attached to the provided resource), PutResourcePolicy (Grants permission to attach a resource policy …
fwdcloudsec
fwd:cloudsec @fwdcloudsec

Save the date! fwd:cloudsec '23 will be on June 12 & 13 in LA at the Embassy Suites Anaheim South 🎉🎉

Yes, you read that right... we're extending the conference back to 2 days!

Tickets & CFP details to follow soon. Join our mailing list for the latest: fwdcloudsec.org/#mc_embed_sign…

19 · Feb 03 · 2:38 AM
__steele
Aidan W Steele @__steele

I noticed while driving today that Apple Maps is a lot more detailed than it was a few weeks ago. It has the colour of buildings, street lane markings and large trees!

Here’s a nearby intersection on Apple Maps and Google Maps. Google has the tram tracks off the road entirely!

11 · Feb 01 · 7:50 AM
colmmacc
Colm MacCárthaigh @colmmacc

This new feature is also a classic network engineer interview question! "What is the limit on the number of connections between an IP address and a unique destination and why?"

awswhatsnew
What's New on AWS (Unoffical) @awswhatsnew

Amazon increases NAT Gateway’s capacity to support concurrent connections to a unique destination

Starting today, you can configure your NAT Gateway to support up to 440,000 concurrent connections to a unique destination by adding multiple IP addre... aws.amazon.com/about-aws/what…

4 · Feb 01 · 10:55 PM
ramimacisabird
rami @ramimacisabird

Excited to share two more Staff+ Security Engineer stories we've just published over on tldrsec.com

Jonathan Fisher (from @praetorianlabs) shared how he's experienced "Staff Level" work in a consulting team tldrsec.com/guides/staffen… 1/3

4 · Jan 31 · 9:44 PM
clintgibler
Clint Gibler @clintgibler

🤖 Elevating Security Alert Management Using Automation

@jshlbrd describes the @brexHQ Detection and Response Team’s approach to managing and automating security alerts at scale.

medium.com/brexeng/elevat…

8 · Feb 03 · 7:00 PM
__steele
Aidan W Steele @__steele

tl;dr you can now generate CloudWatch metrics via EMF simply by formatting the logs correctly - no need to screw around with request headers. This makes it much easier to use with ECS

awswhatsnew
What's New on AWS (Unoffical) @awswhatsnew

Amazon CloudWatch now simplifies metric extraction from structured logs

Amazon CloudWatch now supports metric extraction from structured logs using Embedded Metric Format (EMF) without requiring customers to provide special header declaration while... aws.amazon.com/about-aws/what…

3 · Jan 31 · 11:05 PM
mosescj58
CJ Moses @mosescj58

Had a great conversation with @AssafRappaport, CEO of @wiz_io. Watch the full video to hear our thoughts on how we're working together, scaling in the cloud, and maintaining customer focus during challenging times. @AWSSecurityInfo @awscloud

AWSstartups
AWS Startups @AWSstartups

For companies that are scaling, nothing is more important than building secure, resilient, and efficient infrastructure. @AssafRappaport, CEO of @wiz_io, spoke with AWS' @mosescj58 about scaling businesses securely in the cloud. @AWSSecurityInfo go.aws/3DAsUjM

4 · Feb 02 · 4:31 PM
bradgeesaman
Brad Geesaman @bradgeesaman

For me, it’s the same energy I have when “you want me to write a letter on paper, drive to the post office, wait in line, buy a stamp, wait 2-3 weeks, and check my mailbox everyday? No thanks.” Processes that aren’t constantly evolving with user needs won’t last long. twitter.com/CyberneticMelo…

0 · Jan 31 · 2:06 PM
zoph
Victor Grenu @zoph

[Blog Post] Update on being Independent AWS Consultant — 3 years later.

- Build trust with experts
- Stay curious
- Diversify streams
- Weigh autonomy VS scalability

zoph.me/posts/2023-01-…

4 · Jan 30 · 5:00 PM
AWS IP Ranges update for 2023-01-28 00:43:08
Changed by +2304

Added 96.0.112.0/21
Added 96.0.108.0/24
AWS IP Ranges update for 2023-01-30 17:43:08
Changed by +64

Added 13.34.91.0/26
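How the "Changed by" figures above come about, as an added example (not the newsletter's own tooling): diff two snapshots of the published ip-ranges.json, list the prefixes that appeared or disappeared, and sum their address counts. The two snapshots below are constructed, minimal stand-ins containing only the fields the diff needs; the second one carries the two prefixes added on 2023-01-28 so the delta of +2304 can be checked. The closing helper shows the practical use, re-checking which addresses on an egress allowlist now fall inside freshly added AWS space.

```python
"""Added example: compute the address-count delta between two ip-ranges.json
snapshots and flag addresses that landed in newly added AWS prefixes.
The BEFORE/AFTER documents are constructed samples, not real AWS data."""
import ipaddress
import json

# Constructed snapshots: only "prefixes" (IPv4) with the fields the diff uses.
BEFORE = json.dumps({"prefixes": [
    {"ip_prefix": "13.34.90.0/26", "region": "GLOBAL", "service": "AMAZON"},
]})
AFTER = json.dumps({"prefixes": [
    {"ip_prefix": "13.34.90.0/26", "region": "GLOBAL", "service": "AMAZON"},
    {"ip_prefix": "96.0.112.0/21", "region": "us-east-1", "service": "AMAZON"},
    # The real file repeats a prefix once per service; the set below collapses duplicates.
    {"ip_prefix": "96.0.112.0/21", "region": "us-east-1", "service": "EC2"},
    {"ip_prefix": "96.0.108.0/24", "region": "us-east-1", "service": "AMAZON"},
]})


def prefixes(doc: str) -> set:
    """Unique IPv4 networks in an ip-ranges.json document."""
    return {ipaddress.ip_network(p["ip_prefix"]) for p in json.loads(doc)["prefixes"]}


def diff_ranges(before: str, after: str) -> dict:
    """Added/removed prefixes and the net change in the number of addresses covered."""
    old, new = prefixes(before), prefixes(after)
    added, removed = sorted(new - old), sorted(old - new)
    delta = sum(n.num_addresses for n in added) - sum(n.num_addresses for n in removed)
    return {
        "added": [str(n) for n in added],
        "removed": [str(n) for n in removed],
        "changed_by": delta,
    }


def newly_aws(before: str, after: str, addresses: list) -> list:
    """Addresses (e.g. an egress allowlist) that sit inside a prefix added between the snapshots."""
    added = [ipaddress.ip_network(p) for p in diff_ranges(before, after)["added"]]
    return [a for a in addresses if any(ipaddress.ip_address(a) in n for n in added)]


if __name__ == "__main__":
    report = diff_ranges(BEFORE, AFTER)
    print(f"Changed by {report['changed_by']:+d}")
    for p in report["added"]:
        print("Added", p)
    print("Now AWS:", newly_aws(BEFORE, AFTER, ["96.0.115.7", "13.34.90.5", "8.8.8.8"]))
```

Pointing the same functions at two real downloads of https://ip-ranges.amazonaws.com/ip-ranges.json (the file also has an "ipv6_prefixes" list with an "ipv6_prefix" key, handled the same way) reproduces the daily figures.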