Issue #52
Monday · January 10, 2022
AWS security blogs
- Using AWS security services to protect against, detect, and respond to the Log4j vulnerability – January 7, 2022: The blog post has been updated to include using Network ACL rules to block potential log4j-related outbound traffic. January 4, 2022: The blog post has been updated to suggest using WAF rules when the correct HTTP Host Header FQDN value is not provided in the request. December 31, …
- Disabling Security Hub controls in a multi-account environment – In this blog post, you'll learn about an automated process for disabling or enabling selected AWS Security Hub controls across multiple accounts and multiple regions. You may already know how to disable Security Hub controls through the Security Hub console, or using the Security Hub update-standards-control API. However, these methods …
- AWS re:Invent 2021 security track recap – Another AWS re:Invent is in the books! We were so pleased to be able to host live in Las Vegas again this year. And we were also thrilled to be able to host a large virtual audience. If you weren't able to participate live, you can now view some of …
- Automatically resolve Security Hub findings for resources that no longer exist – In this post, you'll learn how to automatically resolve AWS Security Hub findings for previously deleted Amazon Web Services (AWS) resources. By using an event-driven solution, you can automatically resolve findings for AWS and third-party service integrations. Security Hub provides a comprehensive view of your security alerts and security posture …
Reddit threads on r/aws
- Thanks to all of the "My account was hacked!" posts here, I finally set up MFA on all of my accounts – Just wanted to post a thank-you for all the hard lessons learned by the community. It was the final motivation I needed to set up MFA across all of my environments in all of my projects. I've been delaying the setup for months. Thanks for the motivation! Hopefully this serves as …
- Multi-Cloud is NOT the solution to the next AWS outage. – My take on the recent "December" outages. I have seen too many articles talking about Multi-Cloud in the past month, while there is a lot that can be done in terms of disaster recovery before even considering Multi-cloud. Article I wrote on the subject and alternative
- Reduced S3 costs by 60% with S3 Glacier Instant Retrieval storage class – Our S3 storage was a bit unoptimized and with bucket analytics and lifecycle rules, we've managed to reduce the costs from $3400/month to $300/month. The last piece of the puzzle was to switch from Standard IA to Glacier Instant Retrieval which enabled an additional reduction of 60% on top of …
- How to spend $27k on EBS Volumes you never knew you had. – TL;DR: Forget to check the hidden "Delete on Termination" checkbox for the EBS volumes of your Launch Config that is attached to the ASG of the capacity provider of your ECS cluster. Good times. A couple of months ago, we had some performance issues and determined it was best to …
- Announcing AWS CloudTrail Lake, a managed audit and security lake
Newsletters
r/netsec
r/cloudsecurity
- What is the difference between endpoint security and cloud security? – Example: What is the difference between endpoint security of a win10 laptop vs win10 VM on a cloud? We are essentially deploying the same AV solution on both of them, so what is the difference? Any reading material, link etc would be appreciated.
"AWS Security" on Google News
IAM permission changes
- pi: 3 new actions – 3 new actions: GetResourceMetadata (call GetResourceMetadata API to retrieve the metadata for different features), ListAvailableResourceDimensions (call ListAvailableResourceDimensions API to retrieve the dimensions that can be queried for each specified metric type on a specified DB instance), ListAvailableResourceMetrics (call ListAvailableResourceMetrics API to retrieve metrics of the specified types that can be …
- iotwireless: 2 new actions – 2 new actions: DeleteQueuedMessages (delete queued messages), ListQueuedMessages (list the queued messages)
- elasticfilesystem: 3 new actions – 3 new actions: CreateReplicationConfiguration (create a new replication configuration), DeleteReplicationConfiguration (delete a replication configuration), DescribeReplicationConfigurations (view the description of an Amazon EFS replication configuration specified by FileSystemId; or view the description of all replication configurations owned by the caller's AWS account in the AWS region of the endpoint that …
API changes
- AWS AppSync - 9 updated methods – AppSync: AWS AppSync now supports configurable batching sizes for AWS Lambda resolvers, Direct AWS Lambda resolvers and pipeline functions
- Amazon Elastic Compute Cloud - 11 updated methods – This release introduces On-Demand Capacity Reservation support for Cluster Placement Groups, adds Tags on instance Metadata, and includes documentation updates for Amazon EC2.
- Amazon Elasticsearch Service - 6 updated methods – Amazon OpenSearch Service adds support for Fine Grained Access Control for existing domains running Elasticsearch version 6.7 and above
- AWS IoT Wireless - 2 new methods – The Downlink Queue Management feature provides APIs for customers to manage the queued messages destined to devices inside AWS IoT Core for LoRaWAN. Customers can view, delete or purge the queued message(s). It allows customers to preempt the queued messages and let more urgent messages go through.