Issue #116
Monday · May 01, 2023
🥗 AWS security blogs
- AWS Security Profile: Tatyana Yatskevich, Principal Solutions Architect for AWS Identity — In the AWS Security Profile series, I interview some of the humans who work in AWS Security and help keep our customers safe and secure. In this profile, I interviewed Tatyana Yatskevich, Principal Solutions Architect for AWS Identity. How long have you been at AWS and what do you do in …
- AWS achieves an AAA Pinakes rating for Spanish financial entities — Amazon Web Services (AWS) is pleased to announce that we have achieved an AAA rating from Pinakes. The scope of this qualification covers 166 services in 25 global AWS Regions. The Spanish banking association Centro de Cooperación Interbancaria (CCI) developed Pinakes, a rating framework intended to manage and monitor the …
🍛 Reddit threads on r/aws
- AWS Layoffs Take Effect
- Beware of Broken macOS servers (mac1.metal) on AWS EC2! — Currently, getting a dedicated mac1.metal server on Amazon EC2 is a pay-to-win Gacha game. The ones that can run macOS 13 has a Rarity Level SR. A few days ago, I rented a bare-metal Mac computer on AWS (Dedicated Host, type mac1.metal) for software testing on macOS, but unexpectedly, I …
- Lambda Cold Starts benchmark is now supporting arm64
- Anyway to get $5k/$10k AWS credits for startups in 2023? — Just applied aws activate here https://aws.amazon.com/activate/ and it shows only $1k credit. But people just talking about 5k/10k credits couple months ago here : https://www.reddit.com/r/aws/comments/wtbvtr/how_was_your_experience_with_aws_activate_program/ and https://www.reddit.com/r/aws/comments/yp7nfq/aws_activate_founders_credits/ So did they lower the aws credits to $1k last month? Is there any other way to get that $5k/10k credit?
📌 Newsletters
📌 "AWS Security" on Google News
🧁 IAM permission changes
- kafka: 9 new actions, 1 new resource, 1 new condition | 3 updated actions — 9 new actions: CreateVpcConnection (Grants permission to create a MSK VPC connection), DeleteClusterPolicy (Grants permission to delete a cluster resource-based policy), DeleteVpcConnection (Grants permission to delete a MSK VPC connection), DescribeVpcConnection (Grants permission to describe a MSK VPC connection), GetClusterPolicy (Grants permission to describe a cluster resource-based policy), ListClientVpcConnections (Grants …
- guardduty: 1 new action — 1 new action: StartMalwareScan (Grants permission to initiate a new malware scan)
- connect: 14 new actions, 2 new resources | 3 updated actions — 14 new actions: ActivateEvaluationForm (Grants permission to activate an evaluation form in the specified Amazon Connect instance. After the evaluation form is activated, it is available to start new evaluations based on the form), CreateEvaluationForm (Grants permission to create an evaluation form in the specified Amazon Connect instance. The form …
🍪 API changes
- Amazon Elastic Compute Cloud - 7 updated methods — This release adds support for AMD SEV-SNP on EC2 instances.
- Amazon EMR Containers - 1 new methods — This release adds GetManagedEndpointSessionCredentials, a new API that allows customers to generate an auth token to connect to a managed endpoint, enabling features such as self-hosted Jupyter notebooks for EMR on EKS.
- Amazon GuardDuty - 1 new 2 updated methods — Added API support to initiate on-demand malware scan on specific resources.
📺 AWS security bulletins
- Issue With IAM Supporting Multiple MFA Devices — Initial Publication Date: 04/25/2023 10:00AM EST A security researcher recently reported an issue with AWS’s recently-released (November 16th, 2022) support for multiple multi-factor authentication (MFA) devices for IAM user principals. The reported issue could have potentially arisen only when the following three conditions were met: (1) An IAM user had …
