Issue #63

Monday · March 28, 2022

🥗 AWS security blogs

  • ISO/IEC 27001 certificates now available in French and Spanish — We continue to listen to our customers, regulators, and stakeholders to understand their needs regarding audit, assurance, certification, and attestation programs at Amazon Web Services (AWS). We are pleased to announce that ISO/IEC 27001 certificates for AWS are now available in French and Spanish on AWS …
  • How to use AWS Security Hub and Amazon OpenSearch Service for SIEM — AWS Security Hub provides you with a consolidated view of your security posture in Amazon Web Services (AWS) and helps you check your environment against security standards and current AWS security recommendations. Although Security Hub has some similarities to security information and event management (SIEM) tools, it is not designed …

🍛 Reddit threads on r/aws

📌 Newsletters

📌 r/netsec

📌 r/cloudsecurity

  • Cloud Security Certification — I am new to cloud security. I am looking for some suggestions around which cloud security certifications I should start with and what resources I would/should refer to in order to prepare for these certifications.

📌 "AWS Security" on Google News

🧁 IAM permission changes

  • ec2: 3 new actions, 1 new resource | 1 updated action — 3 new actions: DeleteResourcePolicy (Grants permission to remove an IAM policy that enables cross-account sharing from a resource), GetResourcePolicy (Grants permission to describe an IAM policy that enables cross-account sharing), PutResourcePolicy (Grants permission to attach an IAM policy that enables cross-account sharing to a resource); 1 new resource: group; 1 …
  • quicksight: 2 new actions — 2 new actions: DescribeGroupMembership (Grants permission to describe a QuickSight group member), SearchGroups (Grants permission to search for a sub-set of QuickSight groups)
  • s3-outposts: 1 new action — 1 new action: ListSharedEndpoints (Grants permission to list shared endpoints)

🍪 API changes

  • Amazon Elastic Compute Cloud - 3 updated methods — This release adds support for Amazon VPC Reachability Analyzer to analyze a path through a Transit Gateway.
  • Amazon Simple Systems Manager (SSM) - 9 updated methods — This Patch Manager release supports creating, updating, and deleting Patch Baselines for Rocky Linux OS.
  • AWS Config - 2 new, 17 updated methods — Added new APIs GetCustomRulePolicy and GetOrganizationCustomRulePolicy, and updated existing APIs PutConfigRule, DescribeConfigRule, DescribeConfigRuleEvaluationStatus, PutOrganizationConfigRule, DescribeConfigRule to support a new feature for building AWS Config rules with AWS CloudFormation Guard.
  • AWS Lambda - 8 updated methods — Adds support for increased ephemeral storage (/tmp) up to 10 GB for Lambda functions. Customers can now provision up to 10 GB of ephemeral storage per function instance, a 20x increase over the previous limit of 512 MB.
