Issue #130
Monday · November 13, 2023
🥖 Palate Cleanser
Hey Folks,You've been busy for the last week. Don't worry; I've read all the AWS Security News for you, so you don't have to.
Here's a sum up, great content from Wiz and great features from AWS, like RegEx on CloudWatch Logs and enhanced Botnet protection for AWS WAF.
Also, the ECS team brings aws:ResourceTag/${TagKey} condition to nearly all ECS actions.
See you next week!
Victor
📋 Chef's selections
🍛 Reddit threads on r/aws
- Amazon CloudWatch Logs announces regular expression filter pattern syntax support
- Using AWS SSO to Allow Appropriate IAM Roles in Users Account
- Bucket ownership & granting permissions
- Setting up mfa
- AWS external vulnerability scanner instance to scan public facing network.
- Are we doing Shift-Left wrong?
- Using Cognito from an app
- Privacy and security of EC2
🍪 API changes
Amazon Elastic Compute Cloud - 24 updated methods Introducing Amazon EC2 C7gd, M7gd, and R7gd Instances with up to 3.8 TB of local NVMe-based SSD block-level storage. These instances are powered by AWS Graviton3 processors, delivering up to 25% better performance over Graviton2-based instances.Amazon Relational Database Service - 18 updated methods Add support for feature integration with AWS Backup.
AWS WAFV2 - 8 updated methods The targeted protection level of the Bot Control managed rule group now provides optional, machine-learning analysis of traffic statistics to detect some bot-related activity. You can enable or disable the machine learning functionality through the API.
