Issue #69
Monday · May 09, 2022
🥗 AWS security blogs
- How to use new Amazon GuardDuty EKS Protection findings — If you run container workloads that use Amazon Elastic Kubernetes Service (Amazon EKS), Amazon GuardDuty now has added support that will help you better protect these workloads from potential threats. Amazon GuardDuty EKS Protection can help detect threats related to user and application activity that is captured in Kubernetes audit …
🍛 Reddit threads on r/aws
- Website to PDF using AWS Lambda Function URLs and CDK
- Dear AWS - Please stop your VPN Client from fucking with my networking settings — (Apologies for the ranty-ness, but this is seriously driving me up the wall because I keep having to fix it multiple times a day) On Ubuntu, every time I connect to the VPN with the AWS VPN Client, it sets net.ipv4.ip_forward=0 This fucks up networking on my machine, particularly Docker …
- Need Advice - 75 printers requesting our APIs 200 million times — Hi, We have an integration with a printer manufacturer and their printers are set up in a way that requests our APIs every second to check if we have a print job available for the given printer. Unfortunately, the printer manufacturer has not heard of webhooks or sockets and is …
- At what point does glacier make sense? Got hit with a big transfer fee — EDIT : going to say this is solved. It was most likely the transfer fee that got us (we have 425M objects from all kinds of different logging systems like aws config, flow logs, etc etc). Solution : Looking at using intelligent tiering or maybe just zipping logs up once …
- Accidentally created a bunch of instances in EC2... how much will I get charged? (free tier) — I was making copies of my main instance and created 7 copies of it. I immediately stopped them (so that they don't eat up my free hours) but didn't fully delete/terminate them until half an hour later. I know EC2 gives 750 hours of free usage each month, but I'm …
📌 Newsletters
📌 r/netsec
📌 r/cloudsecurity
- GPCS (GIAC Public Cloud Security) — Hello Guys! anyone studying for the GPCS? Currently studying CCSK and I cant go with CCSP next due that I dont have enough experience. Do i need to go train with SANS first for me to take the GPCS? Thanks!
📌 "AWS Security" on Google News
🧁 IAM permission changes
- workspaces: 1 updated condition — 1 updated condition: aws:TagKeys (type)
- shield: 1 updated condition — 1 updated condition: aws:TagKeys (type)
- sqlworkbench: 1 new action | 1 updated condition — 1 new action: UpdateAccountExportSettings (Grants permission to update account-wide export settings); 1 updated condition: aws:TagKeys (type)
🍪 API changes
- AWS DataSync - 6 updated methods — AWS DataSync now supports a new ObjectTags Task API option that can be used to control whether Object Tags are transferred.
- Amazon Elastic Compute Cloud - 24 updated methods — Amazon EC2 I4i instances are powered by 3rd generation Intel Xeon Scalable processors and feature up to 30 TB of local AWS Nitro SSD storage
- AWS IoT - 2 updated methods — AWS IoT Jobs now allows you to create up to 100,000 active continuous and snapshot jobs by using concurrency control.
- AWSKendraFrontendService - 1 updated methods — AWS Kendra now supports hierarchical facets for a query. For more information, see https://docs.aws.amazon.com/kendra/latest/dg/filtering.html
