Issue #113
Monday · April 10, 2023
š„ AWS security blogs
- Reduce triage time for security investigations with Amazon Detective visualizations and export data ā To respond to emerging threats, you will often need to sort through large datasets rapidly to prioritize security findings. Amazon Detective recently released two new features to help you do this. New visualizations in Detective show the connections between entities related to multiple Amazon GuardDuty findings, and a new export ā¦
- TLS inspection configuration for encrypted traffic and AWS Network Firewall ā AWS Network Firewall is a managed service that provides a convenient way to deploy essential network protections for your virtual private clouds (VPCs). In this blog, we are going to cover how to leverage the TLS inspection configuration with AWS Network Firewall and perform Deep Packet Inspection for encrypted traffic. ā¦
- Logging strategies for security incident response ā Effective security incident response depends on adequate logging, as described in the AWS Security Incident Response Guide. If you have the proper logs and the ability to query them, you can respond more rapidly and effectively to security events. If a security event occurs, you can use various log sources ā¦
š Reddit threads on r/aws
- Amazon S3 beginning to apply two security best practices to all new buckets by default
- Introducing AWS Lambda response streaming - responses over 6MB now possible
- What happens when you leak AWS credentials and how AWS minimizes the damage
- Bill shock! Unexpected spike in price. ā Typically my bill is a consistent $180/mth. I got my bill yesterday and it was $430 and Iām already on track to spend $600 this month. I use US East (N. Virginia) My website was in development during the past several months, and we just launched less than a week ā¦
š Newsletters
š "AWS Security" on Google News
š§ IAM permission changes
- trustedadvisor: 10 new actions ā 10 new actions: CreateEngagement (Grants permission to create an engagement), CreateEngagementAttachment (Grants permission to create an engagement attachment), CreateEngagementCommunication (Grants permission to create an engagement communication), GetEngagement (Grants permission to view an engagment), GetEngagementAttachment (Grants permission to view an engagment attachment), GetEngagementType (Grants permission to view a specific engagement type), ā¦
- codecatalyst: 3 new actions | 8 updated actions, 1 updated resource ā 3 new actions: ListTagsForResource (Grants permission to list tags for an Amazon CodeCatalyst resource), TagResource (Grants permission to tag an Amazon CodeCatalyst resource), UntagResource (Grants permission to untag an Amazon CodeCatalyst resource); 8 updated actions: AcceptConnection (conditions), AssociateIamRoleToConnection (conditions), DeleteConnection (conditions), DisassociateIamRoleFromConnection (conditions), GetBillingAuthorization (conditions), GetConnection (conditions), ListIamRolesForConnection (conditions), PutBillingAuthorization ā¦
- sumerian: ā AWS Service Removed
šŖ API changes
- AWS IoT Greengrass V2 - 1 updated methods ā Add support for SUCCEEDED value in coreDeviceExecutionStatus field. Documentation updates for Greengrass V2.
- AWS Proton - 8 new 11 updated methods ā This release adds support for the AWS Proton service sync feature. Service sync enables managing an AWS Proton service (creating and updating instances) and all of it's corresponding service instances from a Git repository.
- AWS Config - 12 updated methods ā This release adds resourceType enums for types released in March 2023.
