Issue #47
Monday · November 29, 2021
๐ฅ AWS security blogs
- AWS Security Profiles: Megan OโNeil, Sr. Security Solutions Architect โ In the week leading up to AWS re:Invent 2021, weโll share conversations weโve had with people at AWS who will be presenting, and get a sneak peek at their work. How long have you been at Amazon Web Services (AWS), and what do you do in your current role? Iโve โฆ
- How to enable secure seamless single sign-on to Amazon EC2 Windows instances with AWS SSO โ Today, weโre launching new functionality that simplifies the experience to securely access your AWS compute instances running Microsoft Windows. We took on this update to respond to customer feedback around creating a more streamlined experience for administrators and users to more securely access their EC2 Windows instances. The new experience โฆ
- 2021 PCI 3DS report now available โ We are excited to announce that Amazon Web Services (AWS) has released the latest 2021 PCI 3-D Secure (3DS) attestation to support our customers implementing EMVยฎ 3-D Secure services on AWS. Although AWS doesnโt directly perform the functions of 3DS Server (3DSS), 3DS Directory Server (DS), or 3DS Access Control โฆ
- AWS Security Profiles: Merritt Baer, Principal in OCISO โ In the week leading up AWS re:Invent 2021, weโll share conversations weโve had with people at AWS who will be presenting, and get a sneak peek at their work. How long have you been at Amazon Web Services (AWS), and what do you do in your current role? Iโm a โฆ
๐ Reddit threads on r/aws
- First 1 TB of CloudFront & 100GB of other data xfer out traffic becoming free as of Dec. 1
- Amazon Linux 2022 Coming
- AWS Free Tier Data Transfer Expansion โ 100 GB From Regions and 1 TB From Amazon CloudFront Per Month
- Announcing AWS Fargate for Amazon ECS Powered by AWS Graviton2 Processors
- AWS launches NAT64 and DNS64 capabilities to enable communication between IPv6 and IPv4 services
๐ Newsletters
๐ AWS Security by CloudNews
- AWS Single Sign-On is now in scope for AWS SOC reporting โ AWS Single Sign-On (AWS SSO) is now in scope for AWS SOC 1 , SOC 2, and SOC 3 reports. You can now use AWS SSO in applications requiring audited evidence of the controls in our System and Organization Controls (SOC) reporting. For example, if you use AWS to manage โฆ
- AWS WAF adds support for Captcha โ AWS today announced AWS WAF Captcha to help block unwanted bot traffic by requiring users to successfully complete challenges before their web request are allowed to reach AWS WAF protected resources. Captcha is an acronym for Completely Automated Public Turing test to tell Computers and Humans Apart and is commonly โฆ
- AWS Single Sign-On now provides one-click login to Amazon EC2 instances running Microsoft Windows โ You can now enable one-click single sign-on to your Amazon Elastic Compute Cloud instances running Microsoft Windows (Amazon EC2 Windows Instances) with AWS Single Sign-Onand, nbsp;(AWS SSO). You can connect your instances with users from AWS SSO or any AWS SSO supported identity provider, such as Okta, Ping, and OneLogin. โฆ
๐ Top Links from Security Folks
- pre:Invent 2021 - Chris Farris โ There were 234 AWS announcements in pre:Invent season. I breakdown and snark about 27 of them relating to security and governance.
๐ r/netsec
๐ r/cloudsecurity
- Advise for learning cloud security โ Hello, I'm trying to explore the cloud security field and i was wondering what advice you can give to a beginner or best learning path for cloud security. I know basics of AWS, Azure, GCP.
๐ "AWS Security" on Google News
๐ง IAM permission changes
- quicksight: 4 new actions, 1 new resource โ 4 new actions: CreateEmailCustomizationTemplate (create a quicksight email customization template), DeleteEmailCustomizationTemplate (delete a quicksight email customization template), DescribeEmailCustomizationTemplate (describe a quicksight email customization template), UpdateEmailCustomizationTemplate (update a quicksight email customization template); 1 new resource: emailCustomizationTemplate
- iotsitewise: 6 new actions, 1 new resource, 2 new conditions | 4 updated actions โ 6 new actions: AssociateTimeSeriesToAssetProperty (associate a time series with an asset property), DeleteTimeSeries (delete a time series), DescribeTimeSeries (describe a time series), DisassociateTimeSeriesFromAssetProperty (disassociate a time series from an asset property), GetInterpolatedAssetPropertyValues (retrieve interpolated values for an asset property), ListTimeSeries (list time series); 1 new resource: time-series; 2 new conditions: โฆ
- workspaces: 3 updated actions โ 3 updated actions: DescribeTags (access), CreateTags (conditions), DeleteTags (conditions)
๐ช API changes
- AWS Migration Hub Refactor Spaces - 23 new methods โ This is the initial SDK release for AWS Migration Hub Refactor Spaces
- Amazon Personalize - 8 new 7 updated methods โ This release adds API support for Recommenders and BatchSegmentJobs.
- Amazon Personalize Runtime - 1 updated methods โ This release adds API support for Recommenders and BatchSegmentJobs.
- Amazon Textract - 1 new methods โ This release adds support for synchronously analyzing identity documents through a new API: AnalyzeID
