🥗 Appetizer

Hey folks,

This year, I've got a small favor to ask you. Your thoughts and feedback on our newsletter are like secret ingredients to us. They help us whip up the perfect blend of content - fresh, secure, and exactly to your taste.

So, could you spare a moment to tell us what you love, what you'd toss out, and any flavor you think we're missing? Your input is crucial in helping us serve up the most satisfying AWS security feast.

Here's a quick survey to share your thoughts.

Thank you for helping us make this newsletter better for everyone!

Bon appétit! 🍽️
Victor

🍹 Monitor AWS Managed IAM Policies

Managed Policy changed since last week: 9

1. 🚩 AWSGrafanaWorkspacePermissionManagementV2
2. AWSLambdaVPCAccessExecutionRole
3. AccessAnalyzerServiceRolePolicy
4. AmazonECSInfrastructureRolePolicyForVolumes
5. AmazonFSxConsoleFullAccess
6. AmazonFSxConsoleReadOnlyAccess
7. AmazonFSxFullAccess
8. 🚩 AmazonFSxServiceRolePolicy
9. 🚩 DynamoDBReplicationServiceRolePolicy

Weekly diff
🤖 Powered by MAMIP - 🚩 Sensitive IAM Actions included

🥣 Secret Sauce

Each week, we'll showcase your top AWS insights, focusing on AWS Security tricks and tips. Got a cool command-line hack, a clever console maneuver, or an awesome open-source tool? Send us your best tips for a shot at being featured in our upcoming issues.

Form Scott Piper - Cloud security historian. Founding team for @fwdcloudsec - Researcher at @wiz_io

• New feature from last month for disabling access to IMDSv1 
• Easy way to get creds when you do want them from an IMDSv2 enforced EC2 or whenever else you want to figure out what the creds are that the SDK is using. 

🍪 Amazon Linux CVEs

This section will show you the latest (Important and Critical) CVEs on Amazon Linux.
Amazon Linux 2

• ALASKERNEL-5.10-2024-045 (important): kernel - CVE-2023-39198, CVE-2023-46862, CVE-2023-6121, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932
• ALASKERNEL-5.15-2024-033 (important): kernel - CVE-2023-46862, CVE-2023-6121, CVE-2023-6622, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932