Issue #117
Monday · May 08, 2023
π₯ AWS security blogs
- Get details on security finding changes with the new Finding History feature in Security Hub β In todayβs evolving security threat landscape, security teams increasingly require tools to detect and track security findings to protect their organizationsβ assets. One objective of cloud security posture management is to identify and address security findings in a timely and effective manner. AWS Security Hub aggregates, organizes, and prioritizes security β¦
- Delivering on the AWS Digital Sovereignty Pledge: Control without compromise β At AWS, earning and maintaining customer trust is the foundation of our business. We understand that protecting customer data is key to achieving this. We also know that trust must continue to be earned through transparency and assurances. In November 2022, we announced the new AWS Digital Sovereignty Pledge, our β¦
- How to scan your AWS Lambda functions with Amazon Inspector β Amazon Inspector is a vulnerability management and application security service that helps improve the security of your workloads. It automatically scans applications for vulnerabilities and provides you with a detailed list of security findings, prioritized by their severity level, as well as remediation instructions. In this blog post, weβll introduce β¦
- How to monitor the expiration of SAML identity provider certificates in an Amazon Cognito user pool β With Amazon Cognito user pools, you can configure third-party SAML identity providers (IdPs) so that users can log in by using the IdP credentials. The Amazon Cognito user pool manages the federation and handling of tokens returned by a configured SAML IdP. It uses the public certificate of the SAML β¦
π Reddit threads on r/aws
- Scaling up the Prime Video audio/video monitoring service and reducing costs by 90%
- AWS Account Owner Died β Hello -- I'm on the board of a nonprofit and the founder (who owned the AWS account hosting our webpage) passed away suddenly. We want to move our hosting/domain, but do not have his AWS password/credentials. Does anyone know of a way to transfer or unlock the account? We believe β¦
- boto3 docs π β Did you see the improvements on the boto3 docs???? https://boto3.amazonaws.com/v1/documentation/api/latest/index.html I posted a while back on the painfulness of navigating the docs even though the content itself was great. It got a lot of response here. Due to a shift in work for a few months, I haven't needed the β¦
- Juice - a software solution that makes GPUs network attached (GPU-over-IP). This means you can share GPUs across CPU-only instances, and compose instances fully customized on the fly... could be HUGE for people spending lots on GPU right now.
π Newsletters
π Dev.to #aws
π "AWS Security" on Google News
π§ IAM permission changes
- appsync: 1 new condition | 1 updated action β 1 new condition: appsync:Visibility (Filters access by the visibility of an API); 1 updated action: CreateGraphqlApi (conditions)
- route53resolver: 7 updated actions β 7 updated actions: AssociateResolverEndpointIpAddress (dependents), AssociateResolverRule (dependents), CreateResolverEndpoint (dependents), DeleteResolverEndpoint (dependents), DisassociateResolverEndpointIpAddress (dependents), ListResolverRuleAssociations (dependents), UpdateResolverEndpoint (dependents)
- elasticfilesystem: 1 new condition | 1 updated action β 1 new condition: elasticfilesystem:CreateAction (Filters access by the name of a resource-creating API action); 1 updated action: TagResource (conditions)
πͺ API changes
- AWS Config - 12 updated methods β Updated ResourceType enum with new resource types onboarded by AWS Config in April 2023.
- Amazon CloudWatch - 2 updated methods β Adds support for filtering by metric names in CloudWatch Metric Streams.
- AWS Network Firewall - 3 updated methods β This release adds support for the Suricata REJECT option in midstream exception configurations.
