Issue #131
Monday · August 15, 2023
🥖 Palate Cleanser
Hey Folks,You've been busy for the last week. Don't worry; I've read all the AWS Security News for you, so you don't have to.
On August 15, 2023, EC2-Classic was officially phased out. It's noteworthy enough to mention, and a blog post from Werner is always a must-read.
A friend of mine is developing a new tool for deploying AWS LandingZone, and he published a paper discussing his approach in comparison to native solutions.
See you next week!
Victor
📋 Chef's selections
🍛 Reddit threads on r/aws
- What is the validation logic for someone being able to access the AWS console?
- `androxgh0st` in weird logs after creating ElasticBeanstalk env and app. Should I set it on fire?
- GuardDuty portscan finding
- Has anyone successfully upgraded AmazonLinux2 (or 2023) to OpenSSH v9?
- AWS account has been hacked and there is a +$4,000 fraudulent charge, AWS SECURITY IS TERRIBLE.
🍪 API changes
- Amazon GuardDuty - 2 updated methods - Add `managementType` field to ListCoverage API response.
- Amazon Elastic Compute Cloud - 3 new methods - This release adds support for restricting public sharing of AMIs through AMI Block Public Access
- Elastic Disaster Recovery Service - 3 new 11 updated methods - Updated existing APIs and added new ones to support using AWS Elastic Disaster Recovery post-launch actions. Added support for new regions.
