Issue #66
Monday · April 18, 2022
🥗 AWS security blogs
- Amazon Cognito launches support for in-Region integration with Amazon SES and Amazon SNS — We are pleased to announce that in all AWS Regions that support Amazon Cognito, you can now integrate Amazon Cognito with Amazon Simple Email Service (Amazon SES) and Amazon Simple Notification Service (Amazon SNS) in the same Region. By integrating these services in the same Region, you can more easily …
- How to integrate AWS STS SourceIdentity with your identity provider — You can use third-party identity providers (IdPs) such as Okta, Ping, or OneLogin to federate with the AWS Identity and Access Management (IAM) service using SAML 2.0, allowing your workforce to configure services by providing authorization access to the AWS Management Console or Command Line Interface (CLI). When you federate …
🍛 Reddit threads on r/aws
- Scaling containers on AWS in 2022
- 15k bill after 3 years of unknowingly having aws running. — Today I checked my email and I had an email from AWS with a bill for 400 dollars for the month, and a bunch of months as well, tracing way back to 2019. Now, I never used AWS in my life for anything, I might have activated something by accident …
- AWS RDS Vulnerability Leads to AWS Internal Service Credentials
- Under the hood: Amazon Elastic Container Service and AWS Fargate increase task launch rates
- [AWS Lambda] Optimizing node_modules in zip files — Hey folks, I was recently working through setting up some Lambda infrastructure, and one thing that caught me off guard was the bloat that came from my node_modules. I can present how I solved it but I would love to hear how y’all are solving this problem. Before we start, …
📌 Newsletters
📌 Top Links from Security Folks
- Announcing Docker SBOM: A step towards more visibility into Docker images - Docker — Learn from Docker experts to simplify and advance your app development and management with Docker. Stay up to date on Docker events and new version …
📌 r/netsec
- [Techmonitor.ai] Failed cyberattack on Ukraine's electricity grid could indicate Russia's growing willingness to attack critical infrastructure
- Microsoft Exposes Evasive Chinese Tarrask Malware Attacking Windows Computers. The Chinese-backed Hafnium hacking group has been linked to a piece of new malware that's used to maintain persistence on compromised Windows environments.
📌 "AWS Security" on Google News
🧁 IAM permission changes
- devicefarm: 1 updated condition — 1 updated condition: aws:TagKeys (type)
- billingconductor: 1 updated condition, 4 updated resources, 18 updated actions — 1 updated condition: aws:TagKeys (type); 4 updated resources: pricingplan (arn), customlineitem (arn), pricingrule (arn), billinggroup (arn); 18 updated actions: ListPricingRulesAssociatedToPricingPlan (resources), ListPricingPlansAssociatedWithPricingRule (resources), AssociatePricingRules (resources), DeletePricingRule (resources), DeleteCustomLineItem (resources), DeletePricingPlan (resources), UpdateBillingGroup (resources), BatchAssociateResourcesToCustomLineItem (resources), DisassociatePricingRules (resources), UpdateCustomLineItem (resources), UpdatePricingPlan (resources), DeleteBillingGroup (resources), ListResourcesAssociatedToCustomLineItem (resources), CreateBillingGroup (resources), AssociateAccounts (resources), BatchDisassociateResourcesFromCustomLineItem …
- sms-voicev2: 1 updated condition — 1 updated condition: aws:TagKeys (type)
🍪 API changes
- Amazon AppFlow - 5 updated methods — Enables users to pass custom token URL parameters for OAuth2 authentication during create connector profile
- Amazon AppStream - 3 updated methods — Includes updates for create and update fleet APIs to manage the session scripts locations for Elastic fleets.
- AWS Batch - 2 updated methods — Enables configuration updates for compute environments with BEST_FIT_PROGRESSIVE and SPOT_CAPACITY_OPTIMIZED allocation strategies.
- AWS Glue - 6 updated methods — Auto Scaling for Glue version 3.0 and later jobs to dynamically scale compute resources. This SDK change provides customers with the auto-scaled DPU usage
📺 AWS security bulletins
- Reported AWS Desktop VPN Client for Windows Issue — Initial Publication Date: 2022/04/12 15:30 PST AWS is aware of the issues described in CVE-2022-25165 and CVE-2022-25166 relating to the AWS-provided Desktop VPN Client for Windows. These issues affect only client versions 2.0.0 and below; they have been addressed in version 3.0.0 and above. Note that these issues require existing …
- Reported Amazon RDS PostgreSQL issue — Initial Publication Date: 2022/04/11 16:45 PST Last Updated Date: 2022/04/12 13:00 PST A security researcher recently reported an issue with Aurora PostgreSQL. Using this issue, they were able to gain access to internal credentials that were specific to their Aurora cluster. No cross-customer or cross-cluster access was possible; however, highly …