Issue #106
Monday · February 20, 2023
🥗 AWS security blogs
- AWS completes CCAG 2022 pooled audit by European FSI customers — We are excited to announce that Amazon Web Services (AWS) has completed its annual Collaborative Cloud Audit Group (CCAG) Cloud Community audit with European financial service institutions (FSIs). Security at AWS is the highest priority. As customers embrace the scalability and flexibility of AWS, we are helping them evolve security, …
- AWS now licensed by DESC to operate as a Tier 1 cloud service provider in the Middle East (UAE) Region — We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce that our Middle East (UAE) Region is now certified by the Dubai Electronic Security Centre (DESC) to operate as a Tier 1 cloud service provider (CSP). This alignment with DESC …
- AWS Security Profile: Jana Kay, Cloud Security Strategist — In the AWS Security Profile series, we interview Amazon Web Services (AWS) thought leaders who help keep our customers safe and secure. This interview features Jana Kay, Cloud Security Strategist. Jana shares her unique career journey, insights on the Security and Resiliency of the Cloud Tabletop Exercise (TTX) program, thoughts …
- How to visualize IAM Access Analyzer policy validation findings with QuickSight — In this blog post, we show you how to create an Amazon QuickSight dashboard to visualize the policy validation findings from AWS Identity and Access Management (IAM) Access Analyzer. You can use this dashboard to better understand your policies and how to achieve least privilege by periodically validating your IAM …
📌 Newsletters
📌 "AWS Security" on Google News
📌 AWS IP Ranges Updates
- AWS IP Ranges update for 2023-02-13 19:13:08 — Changed by 0 Added 172.103.41.0/24 Removed 3.4.9.0/24
- AWS IP Ranges update for 2023-02-13 22:13:07 — Changed by -256 Removed 172.103.41.0/24
🧁 IAM permission changes
- kms: 1 new condition — 1 new condition: kms:RecipientAttestation:PCR (Filters access to the Decrypt, GenerateDataKey, and GenerateRandom operations based on the platform configuration registers (PCRs) in the attestation document in the request)
- amplify: 1 new resource | 3 updated actions — 1 new resource: webhooks; 3 updated actions: DeleteWebHook (resources), GetWebHook (resources), UpdateWebHook (resources)
- frauddetector: 5 new actions, 1 new resource — 5 new actions: CreateList (Grants permission to create a list), DeleteList (Grants permission to delete a list), GetListElements (Grants permission to get elements of a list), GetListsMetadata (Grants permission to get metadata about lists), UpdateList (Grants permission to update a list); 1 new resource: list
