Issue #108
Monday · March 06, 2023
🥗 AWS security blogs
- How to set up least privilege access to your encrypted Amazon SQS queue — Amazon Simple Queue Service (Amazon SQS) is a fully-managed message queueing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. Amazon SQS provides authentication mechanisms so that you can control who has access to the queue. It also provides encryption in transit with HTTP over …
- Three ways to boost your email security and brand reputation with AWS — If you own a domain that you use for email, you want to maintain the reputation and goodwill of your domain’s brand. Several industry-standard mechanisms can help prevent your domain from being used as part of a phishing attack. In this post, we’ll show you how to deploy three of …
- Considerations for the security operations center in the cloud: deployment using AWS security services — Welcome back. If you’re joining this series for the first time, we recommend that you read the first blog post in this series, Considerations for security operations in the cloud, for some context on what we will discuss and deploy in this blog post. In the earlier post, we talked …
- AWS Melbourne Region has achieved HCF Strategic Certification — Amazon Web Services (AWS) is delighted to confirm that our new AWS Melbourne Region has achieved Strategic Certification for the Australian Government’s Hosting Certification Framework (HCF). We know that maintaining security and resiliency to keep critical data and infrastructure safe is a top priority for the Australian Government and all …
🍛 Reddit threads on r/aws
- AWS Employees - How can I give a kudos to an AWS Support engineer that was really helpful with an issue. — I do not want to bore you with the details, but I ran into an issue with some of my AWS accounts regarding SSO and Permission Sets. This support engineer was super helpful in working with internal AWS resources to come up with a resolution to my issue(s). How can …
- RDS now supports PostgreSQL 15
- Create a break glass role for emergency use in order to limit production console access.
- In the Works – AWS Region in Malaysia
📌 Newsletters
📌 Top Links from Security Folks
- fwd:cloudsec 2023 — fwd:cloudsec is the industry’s leading independent, community-driven cloud security conference. All times listed are in US/Pacific time.
- Signed Commits — SourceShield Documentation
📌 "AWS Security" on Google News
📌 AWS IP Ranges Updates
- AWS IP Ranges update for 2023-02-22 13:43:08 — Changed by +5248 Added 96.0.136.0/21 Added 96.0.144.0/21 Added 96.0.152.0/22 Added 13.34.92.64/26 Added 13.34.92.128/26
- AWS IP Ranges update for 2023-02-22 15:13:06 — Changed by +48 Added 142.4.161.64/27 Added 142.4.161.56/29 Added 142.4.161.96/29
🧁 IAM permission changes
- securityhub: 2 new actions | 2 updated actions — 2 new actions: BatchGetSecurityControls (Grants permission to get details about specific security controls identified by ID or ARN), ListStandardsControlAssociations (Grants permission to list the enablement status of a security control in standards); 2 updated actions: BatchGetStandardsControlAssociations (dependents), BatchUpdateStandardsControlAssociations (dependents)
- controltower: 9 new actions — 9 new actions: DeleteLandingZone (Grants permission to delete AWS Control Tower landing zone), DescribeLandingZoneConfiguration (Grants permission to describe the current Landing Zone configuration), DescribeRegisterOrganizationalUnitOperation (Grants permission to describe a Register Organizational Unit Operation), GetAccountInfo (Grants permission to describe an account email and validate that it exists), GetLandingZoneDriftStatus (Grants permission to …
- snowball: 1 new action — 1 new action: ListServiceVersions (Grants permission to list all supported versions for Snow on-device services)
