Issue #86
Monday · October 03, 2022
AWS security blogs
- Best practices for setting up Amazon Macie with AWS Organizations — In this post, we'll walk through the best practices to implement before you enable Amazon Macie across all of your AWS accounts within AWS Organizations. Amazon Macie is a data classification and data protection service that uses machine learning and pattern matching to help secure your critical data in AWS. …
- How to automatically build forensic kernel modules for Amazon Linux EC2 instances — In this blog post, we will walk you through the EC2 forensic module factory solution to deploy automation to build forensic kernel modules that are required for Amazon Elastic Compute Cloud (Amazon EC2) incident response automation. When an EC2 instance is suspected to have been compromised, it's strongly recommended to …
Reddit threads on r/aws
- Dear AWS: Please open a US Central Region
- I made a browser extension that sets the proper favicon for AWS services
- us-west-2 outage? — We are seeing major issues with API Gateway. Anyone else?
- Diagram-as-code for AWS architecture
Newsletters
Top Links from Security Folks
- GitHub - zoph-io/aws-security-survival-kit: Bare minimum AWS Security Alerting — Bare minimum AWS Security Alerting. Contribute to zoph-io/aws-security-survival-kit development by creating an account on GitHub.
"AWS Security" on Google News
IAM permission changes
- ec2: 1 new action | 13 updated actions — 1 new action: ModifyLocalGatewayRoute (Grants permission to modify a local gateway route); 13 updated actions: DescribeElasticGpus (access), DescribeFastLaunchImages (access), DescribeFastSnapshotRestores (access), DescribeFleets (conditions, resources), DescribeScheduledInstanceAvailability (access), DescribeScheduledInstances (access), DescribeTags (access), DescribeTransitGatewayPolicyTables (access), DescribeTransitGatewayRouteTableAnnouncements (access), DescribeVolumesModifications (access), DescribeVpnConnections (access), GetInstanceTypesFromInstanceRequirements (access), GetIpamPoolAllocations (access)
- inspector2: 2 new actions — 2 new actions: GetConfiguration (Grants permission to retrieve information about the Amazon Inspector configuration settings for an AWS account), UpdateConfiguration (Grants permission to update information about the Amazon Inspector configuration settings for an AWS account)
- sts: 6 updated actions, 1 updated condition | 3 removed conditions — 6 updated actions: AssumeRole (conditions), AssumeRoleWithSAML (conditions), AssumeRoleWithWebIdentity (conditions), GetFederationToken (conditions), TagSession (conditions), SetSourceIdentity (conditions); 1 updated condition: aws:TagKeys (type); 3 removed conditions: aws:FederatedProvider (Filters access by the IdP that was used to authenticate the user), aws:PrincipalTag/${TagKey} (Filters access by the tag associated with the principal that is making the …
API changes
- AWS CodeDeploy - 3 updated methods — This release allows you to override the alarm configurations when creating a deployment.
- Amazon DevOps Guru - 2 updated methods — This release adds a filter feature on the AddNotificationChannel API, enabling customers to configure the SNS notification messages by Severity or MessageTypes.
- Amazon Data Lifecycle Manager - 3 updated methods — This release adds support for archival of single-volume snapshots created by Amazon Data Lifecycle Manager policies.
- Amazon SageMaker Runtime - 1 updated method — A new parameter called ExplainerConfig is added to the CreateEndpointConfig API to enable the SageMaker Clarify online explainability feature.