AWS Security Digest

Issue #148

Monday · January 29, 2024

๐Ÿฅ– Palate Cleanser

Hey folks,

I hope you're doing great! Enjoy this week's flavor of AWS insights.

For the upcoming issues, I'd love to feature your secret sauce tips. Got any cool tricks, security advice, daily AWS habits, or handy commands?

Share them with us using this form to be highlighted in one of our next issues.

Your expertise can help make our AWS community stronger!

Bon appรฉtit! ๐Ÿฝ๏ธ
Victor

๐Ÿ“‹ Chef's selections

  1. Stage Check: Single Account Setup
  2. Cloud Threat Landscape, a new TI resource for cloud defenders
  3. Collection of example Service Control Policies (SCPs)

๐Ÿฅ— AWS security blogs

๐Ÿ› Reddit threads on r/aws

Security flair only.

๐Ÿง IAM permission changes

๐Ÿช API changes

๐Ÿน IAM managed policy changes

Managed Policy changed since last week: 14
  1. AWSFaultInjectionSimulatorECSAccess
  2. AWSFaultInjectionSimulatorNetworkAccess
  3. AccessAnalyzerServiceRolePolicy
  4. AmazonECSInfrastructureRolePolicyForServiceConnectTransportLayerSecurity
  5. AmazonEMRServerlessServiceRolePolicy
  6. ๐Ÿšฉ AmazonGuardDutyMalwareProtectionServiceRolePolicy
  7. AmazonInspector2ManagedCisPolicy
  8. ๐Ÿšฉ AmazonInspector2ServiceRolePolicy
  9. AmazonRDSServiceRolePolicy
  10. ๐Ÿšฉ AmazonSageMakerCanvasFullAccess
  11. ๐Ÿšฉ AmazonSecurityLakeMetastoreManager
  12. ๐Ÿšฉ NeptuneFullAccess
  13. ๐Ÿšฉ NeptuneReadOnlyAccess
  14. ๐Ÿšฉ ROSASRESupportPolicy
Weekly diff

๐Ÿค– Powered by MAMIPย | ๐Ÿšฉ Sensitive IAM Actions included

โ˜• CloudFormation resource changes

๐ŸŽฎ Amazon Linux vulnerabilities

This section will show you the latest (Important and Critical) CVEs on Amazon Linux.

No CVE this week

Get every AWS security change,
on a plate every Monday.

6,700+ engineers, builders and CISOs let us diff the AWS changelog every week.