Issue #51
Monday · January 03, 2022
🥗 AWS security blogs
- AWS publishes PiTuKri ISAE3000 Type II Attestation Report for Finnish customers — Gaining and maintaining customer trust is an ongoing commitment at Amazon Web Services (AWS). Our customers’ industry security requirements drive the scope and portfolio of compliance reports, attestations, and certifications we pursue. AWS is pleased to announce the issuance of the Criteria to Assess the Information Security of Cloud Services …
- 2021 FINMA ISAE 3000 Type 2 attestation report for Switzerland now available on AWS Artifact — AWS is pleased to announce the issuance of a second Swiss Financial Market Supervisory Authority (FINMA) ISAE 3000 Type 2 attestation report. The latest report covers the period from October 1, 2020 to September 30, 2021, with a total of 141 AWS services and 23 global AWS Regions included in the scope. A …
- Simplify setup of Amazon Detective with AWS Organizations — Amazon Detective makes it easy to analyze, investigate, and quickly identify the root cause of potential security issues or suspicious activities by collecting log data from your AWS resources. Amazon Detective simplifies the process of a deep dive into a security finding from other AWS security services, such as Amazon …
📌 Newsletters
📌 "AWS Security" on Google News
🧁 IAM permission changes
- glue: 18 new actions, 1 new resource | 3 updated conditions, 46 updated actions — 18 new actions: BatchUpdatePartition (update one or more partitions), CancelStatement (cancel a statement in an interactive session), CreatePartitionIndex (create a specified partition index in an existing table), CreateSession (create an interactive session), DeleteColumnStatisticsForPartition (delete the partition column statistics of a column), DeleteColumnStatisticsForTable (delete the table statistics of columns), DeletePartitionIndex (delete …
- shield: 3 new actions — 3 new actions: DisableApplicationLayerAutomaticResponse (disable application layer automatic response for shield advanced protection for a resource), EnableApplicationLayerAutomaticResponse (enable application layer automatic response for shield advanced protection for a resource), UpdateApplicationLayerAutomaticResponse (update application layer automatic response for shield advanced protection for a resource)
- s3: 1 new action — 1 new action: PutAccessPointPublicAccessBlock (associate public access block configurations with a specified access point, while creating a access point)
🍪 API changes
- Amazon Chime SDK Messaging - 1 updated methods — The Amazon Chime SDK now supports updating message attributes via channel flows
- Amazon Lookout for Metrics - 1 new methods — This release adds support for Causal Relationships. Added new ListAnomalyGroupRelatedMetrics API operation and InterMetricImpactDetails API data type
- AWS MediaConnect - 7 updated methods — You can now use the Fujitsu-QoS protocol for your MediaConnect sources and outputs to transport content to and from Fujitsu devices.
- AmazonNimbleStudio - 11 updated methods — Amazon Nimble Studio adds support for users to upload files during a streaming session using NICE DCV native client or browser.
📺 AWS security bulletins
- AWSSupportServiceRolePolicy Informational Update — Between December 21, 2021 at 23:48 UTC and December 22, 2021 at 08:23 UTC, the policy used by AWS Support automated systems - AWSSupportServiceRolePolicy - inadvertently included S3:GetObject permissions. This change has been reverted. While these permissions were temporarily present, they were not and could not be used - only …
