🥖 Palette Cleanser

We all complain when the internet is on fire, but when it's not, I complain there's not enough to write about. :/

ACM public certificates now max out at 198 days (down from 395), getting ahead of the CA/Browser Forum mandate requiring ≤200-day validity effective March 15, 2026. In practice, nothing changes for you. ACM handles renewal automatically 45 days before expiry. Thanks Ivo Pinto for spotting this.

Have feedback about AWS Security Digest? Tell us here. This issue is also available to share online.

📋 Chef's selections

• Locking down AWS principal tags with RCPs and SCPs by Aidan Steele

  You've built tag-based access controls, but what stops a dev team from slapping AllowAccessKeys=true on their own roles? Aidan shows how to combine RCPs (to protect the tagging role itself) with SCPs (to enforce tag requirements) so your principal tags actually mean something. The worked example covers restricting long-lived credential creation to specific teams.

• Don't expose yourself in public - let AWS error messages do it for you by Chef Daniel Grzelak

  AWS quietly shipped friendlier IAM errors in late January that tell you exactly which policy layer denied your request. It turns out you can weaponize this: apply a deny-all session policy, call the API, and if your session policy is the blocker, the resource policy would have allowed anonymous access. Years of mutation-based recon techniques just got deprecated.

• How Security Tool Misuse Is Reshaping Cloud Compromise by Sayali Warekar

  TruffleHog and friends were built to find your leaked secrets before attackers do. Now attackers are using them too. The playbook is brutally efficient: discover creds, validate with sts:GetCallerIdentity, enumerate IAM permissions, exfiltrate. The article focuses on recent campaigns, including Shai-Hulud (a self-replicating worm across 500+ NPM packages exposing ~14k secrets), and shows why long-lived keys remain the gift that keeps on giving.

🥗 AWS security blogs

• 📣 AWS IAM Identity Center is now available in the Asia Pacific (New Zealand) AWS Region
• 📣 AWS Certificate Manager updates default certificate validity to comply with new guidelines
• Prepare for FedRAMP 20x with AWS automation and validation by Paul Keastead
• AI-augmented threat actor accesses FortiGate devices at scale by CJ Moses
• Building an AI-powered defense-in-depth security architecture for serverless microservices by Roger Nem

🍛 Reddit threads on r/aws

• AWS Certificate Manager updates default certificate validity to comply with new guidelines
• Weird mail, possible risk

💸 Sponsor shoutout

Meet Pleri: your AI-powered cloud security teammate. She’s not a chatbot. Pleri proactively finds meaningful security work and fixes issues before they become problems.

Learn more about Pleri and see her in action.

🧁 IAM permission changes

• redshift-serverless
• bedrock
• connect
• logs
• glue
• bedrock-mantle
• auditmanager
• workmail
• payment-cryptography
• sts

🍪 API changes

• Amazon AppStream
• Amazon SageMaker Runtime
• AWS Signer Data Plane
• Amazon Simple Systems Manager (SSM)
• TrustedAdvisor Public API
• AWS Billing and Cost Management Dashboards
• Private CA Connector for SCEP
• AWS Clean Rooms Service
• Amazon Elastic Compute Cloud
• Amazon Managed Grafana
• Amazon Relational Database Service
• Managed Streaming for Kafka
• AWS Key Management Service
• Amazon Q Connect

🍹 IAM managed policy changes

• AWSAccountActivityAccess
• CloudWatchLogsAPIKeyAccess
• AmazonEKSNetworkingPolicy
• AWSMarketplaceSellerProductsFullAccess
• AWSMarketplaceSellerFullAccess
• ConsoleViewOnlyAccessFromVercel
• AWSServiceRoleForAmazonEKSNodegroup
• SageMakerStudioProjectUserRolePolicy
• AWSServiceRoleForAIDevOpsPolicy
• SageMakerStudioProjectUserRolePolicy

☕ CloudFormation resource changes

No resource updates this week.

🎮 Amazon Linux vulnerabilities

• CVE-2026-26960: node-tar hardlink allows arbitrary file read/write (7.1)
• CVE-2026-2708: libsoup3 HTTP request smuggling (3.7)
• CVE-2026-2049: gegl heap overflow in HDR parsing (7.8)
• CVE-2026-2243: QEMU VMDK out-of-bounds read (5.1)
• CVE-2026-2050: gegl heap overflow in RGBE parsing (7.8)
• CVE-2026-23216: Linux kernel iSCSI use-after-free (7.0)
• CVE-2026-27171: zlib crc32 infinite loop DoS (2.9)
• CVE-2025-71227: Linux kernel mac80211 invalid channel warning (5.5)
• CVE-2025-71228: Linux kernel LoongArch memory protection mapping (5.5)
• CVE-2025-71226: Linux kernel iwlwifi PTP stub fix (5.5)
• CVE-2026-2641: ctags V parser uncontrolled recursion (3.3)
• CVE-2026-23218: Linux kernel loongson GPIO NULL check (5.5)
• CVE-2025-71225: Linux kernel RAID suspend race condition (7.0)
• CVE-2026-22860: Rack path traversal in directory listing (7.5)
• CVE-2026-23215: Linux kernel x86/vmware hypercall clobbers (7.0)
• CVE-2026-2604: evolution-data-server arbitrary file deletion via Flatpak (5.6)
• CVE-2026-23211: Linux kernel swap_space panic fix (5.5)
• CVE-2026-25500: Rack directory listing XSS via javascript: filename (5.4)
• CVE-2026-23212: Linux kernel bonding data race fix (5.5)
• CVE-2026-23214: Linux kernel btrfs read-only transaction fix (5.5)
• CVE-2025-66614: Tomcat TLS client cert bypass via SNI mismatch (5.3)
• CVE-2026-24734: Tomcat Native OCSP verification bypass (7.4)
• CVE-2026-24733: Tomcat HTTP/0.9 HEAD request security bypass (5.3)

📺 AWS security bulletins

No bulletins this week.

🚬 Security documentation changes

• ACM: Certificate validity reduced to 198 days for CA/B Forum compliance
• ACM: Renewal window now 45 days (public) / 60 days (private)
• ACM: Updated alert intervals for new validity period
• ACM: Event notification intervals updated
• ACM: Added CA/B Forum compliance explanation
• ACM: Validity period docs updated
• Amazon MQ: New RabbitMQ SSL troubleshooting codes
• Aurora DSQL: Golang SDK auth now uses built-in SDK v2 methods
• CLI: Added --association-dispatch-assume-role parameter
• CLI: Added --association-dispatch-assume-role parameter
• IVS: CocoaPods deprecated, SDK updated to 1.49.0
• OpenSearch: IAM role mapping prerequisite for fine-grained access control
• Outposts: IP planning warning for BGP conflicts
• Outposts: Service Link IP conflict guidance
• Redshift: idp_partition docs improved with Azure AD examples
• Redshift: New idp_partition for Azure AD endpoints
• AppStream 2.0: Client 1.2.1733 with security fixes
• AppStream 2.0: New IMDS configuration docs with IMDSv1 disable examples
• Bedrock: Automated Reasoning docs note prompt injection limitations
• Clean Rooms: IAM examples updated for federated catalogs
• CodePipeline: Granular IAM conditions for repository access
• Control Tower: Controls updated for S3 encryption/logging protection
• Greengrass: v2.3.1/2.3.2 with cert handling fixes
• Nova: Prerequisites section with IAM permissions
• Nova: Renamed SageMaker AI HyperPod to SageMaker HyperPod
• Nova: Terminology update SageMaker AI to SageMaker
• ParallelCluster: v3.14.2 patches CVE-2026-25506 (munge)
• Security Lake: Disabling docs enhanced with cleanup details
• Security Lake: Managed policy now includes lambda:DeleteFunction
• Security Hub: New [APIGateway.10] requires HTTPS for V2 private connections
• Security Hub: New [ELB.21] and [ELB.22] require encrypted ALB/NLB protocols
• Systems Manager: Idle timeout and strict session enforcement docs
• Transfer Family: IAM policies require Access Point ARN not alias
• VPN: Windows client 5.3.2 with improved security posture
• WorkSpaces: Hide last signed-in user guidance updated
• WorkSpaces: Credential Guard/VBS section reorganized
• WorkSpaces: Credential Guard/VBS link added
• WorkSpaces: Credential Guard/VBS heading updated
• WorkSpaces: Last logged-on user content reorganized