Issue #138
Monday · January 08, 2024
🥖 Palate Cleanser
Hey folks,What is the best way to start your week? Maybe you will start by reading this newsletter while commuting, then enjoy your ride.
We are starting the pre-reinvent announcements this month, you will see a lot of stuff moving on AWS part. Keep an eyes on MAMIP that generally spoil some announcements by catching the required IAM permissions needed by new features or services.
If you are reading the web version of this newsletter, please considering subscribing, it helps us. A lot.
Have a great week ahead!
Victor
📋 Chef's selections
🍛 Reddit threads on r/aws
- Secure way for persistent aws access from on premise db server
- Where to report Public World Writable S3 Bucket?
- Lambdas least privileges
- How to you monitoring your Users and Role
- Presigned S3 URL Expires before specified time
- Narrow IAM assume role statement
- F5 LB&WAF vs AWS ELB
- How to execute sandboxed python code in AWS
🍪 API changes
- AWS Network Firewall - 4 updated methods - This release introduces the stateless rule analyzer, which enables you to analyze your stateless rules for asymmetric routing.
- AWS Config - 12 updated methods - Updated ResourceType enum with new resource types onboarded by AWS Config in October 2023.
- AWS Global Accelerator - 7 new 4 updated methods - Global Accelerator now support accelerators with cross account endpoints.
🍹 IAM managed policy changes
Managed Policy changed since last week: 9- 🚩 AWSDataLifecycleManagerSSMFullAccess
- AWSIPAMServiceRolePolicy
- 🚩 AWSLakeFormationCrossAccountManager
- AWSQuickSightSageMakerPolicy
- AWSSSMForSAPServiceLinkedRolePolicy
- 🚩 AWSSupplyChainFederationAdminAccess
- AmazonVPCNetworkAccessAnalyzerFullAccessPolicy
- AmazonVPCReachabilityAnalyzerFullAccessPolicy
- 🚩 SecurityAudit
🤖 Powered by MAMIP | 🚩 Sensitive IAM Actions included
☕ CloudFormation resource changes
🎮 Amazon Linux vulnerabilities
This section will show you the latest (Important and Critical) CVEs on Amazon Linux.
