Issue #71
Monday · May 23, 2022
π₯ AWS security blogs
- Spring 2022 SOC reports now available with 150 services in scope β At Amazon Web Services (AWS), weβre committed to providing our customers with continued assurance over the security, availability and confidentiality of the AWS control environment. Weβre proud to deliver the Spring 2022 System and Organizational (SOC) 1, 2 and 3 reports, which cover October 1, 2021 to March 31, 2022, β¦
- AWS Security Profile: Ely Kahn, Principal Product Manager for AWS Security Hub β In the AWS Security Profile series, I interview some of the humans who work in Amazon Web Services Security and help keep our customers safe and secure. This interview is with Ely Kahn, principal product manager for AWS Security Hub. Security Hub is a cloud security posture management service that β¦
- Choosing the right certificate revocation method in ACM Private CA β AWS Certificate Manager Private Certificate Authority (ACM PCA) is a highly available, fully managed private certificate authority (CA) service that allows you to create CA hierarchies and issue X.509 certificates from the CAs you create in ACM PCA. You can then use these certificates for scenarios such as encrypting TLS β¦
π Reddit threads on r/aws
- AWS, I love your services and APIs but your API/SDK/CLI docs are killin' me! β I can't be the only one feeling this. I love AWS APIs. I love the services. But the API/SDK/CLI docs are soooo painful to navigate. I've written my own doc search helper for CLI/API that helps me get around. Iβm going to have to write something else to help with β¦
- AWS Control Tower can now use customer provided core accounts
- Expert Level AWS Learning Materials β I recently started a new job with a company as a Senior DevOps Engineer and want to brush up my AWS knowledge specifically around EKS, RDS, Elasticsearch, SNS, SQS, IAM/access control, and EC2. I have spent the last year or so working on Azure with some experience with AWS before β¦
- 5 steps to lose your AWS account β Today I learned how to lose an AWS account. It is really easy: β Use the same email for AWS & amazon Set your phone number as 2nd factor instead MFA Do not set secret questions in your amazon account Buy nothing at amazon Change the location Have fun. β β¦
- How can I document an AWS project? β I'm intending to do a personal project using AWS tools suchs as S3, EC2, MWAA and etc for my portfolio. I'm not an AWS expert, but a question striked me: How could I document this project in common portfolio platforms such as GitHub and etc?
π Newsletters
π Top Links from Security Folks
- Zero Maintenance AWS Canary Tokens That Scale - William Bengtson - Medium β by William Bengtson | @__muscles
- Security reference architecture for a serverless application β A walkthrough of security controls in a serverless architecture via a demo application
π r/netsec
π r/cloudsecurity
- Whatβs your guys certification roadmap? β Currently studying for my AWS SAA. Iβm wondering after I complete this, what should I do next? I donβt have any security knowledge currently, so Iβm thinking of getting my sec+ first before getting cloud vendor security certifications. Would that make sense? Let me know what you guys think and β¦
π "AWS Security" on Google News
π§ IAM permission changes
- quicksight: 1 new action β 1 new action: UpdatePublicSharingSettings (Grants permission to enable or disable public sharing on an account)
- deepcomposer: 1 updated condition β 1 updated condition: aws:TagKeys (type)
- iotevents: 1 new action | 9 updated actions β 1 new action: BatchDeleteDetector (Grants permission to delete a detector instance within the AWS IoT Events system); 9 updated actions: BatchDisableAlarm (resources), BatchAcknowledgeAlarm (resources), BatchSnoozeAlarm (resources), BatchResetAlarm (resources), BatchEnableAlarm (resources), BatchUpdateDetector (resources), ListTagsForResource (resources), TagResource (resources), UntagResource (resources)
πͺ API changes
- GameSparks - 3 updated methods β This release adds an optional DeploymentResult field in the responses of GetStageDeploymentIntegrationTests and ListStageDeploymentIntegrationTests APIs.
- Amazon Lookout for Metrics - 2 updated methods β In this release we added SnsFormat to SNSConfiguration to support human readable alert.
- AWS App Mesh - 8 updated methods β This release updates the existing Create and Update APIs for meshes and virtual nodes by adding a new IP preference field. This new IP preference field can be used to control the IP versions being used with the mesh and allows for IPv6 support within App Mesh.
- AWS IoT Greengrass V2 - 1 new 3 updated methods β This release adds the new DeleteDeployment API operation that you can use to delete deployment resources. This release also adds support for discontinued AWS-provided components, so AWS can communicate when a component has any issues that you should consider before you deploy it.
