Issue #89
Monday · October 24, 2022
π₯ AWS security blogs
- A sneak peek at the security, identity, and compliance sessions for re:Invent 2022 β AWS re:Invent 2022 is fast approaching, and this post can help you plan your agenda with a look at the sessions in the security track. AWS re:Invent, your opportunity to catch up on the latest technologies in cloud computing, will take place in person in Las Vegas, NV, from November β¦
- AWS successfully renews GSMA security certification for US East (Ohio) and Europe (Paris) Regions β Amazon Web Services is pleased to announce that our US East (Ohio) and Europe (Paris) Regions have been re-certified through October 2023 by the GSM Association (GSMA) under its Security Accreditation Scheme Subscription Management (SAS-SM) with scope Data Centre Operations and Management (DCOM). The US East (Ohio) and Europe (Paris) β¦
- New AWS whitepaper: Using AWS in the Context of Canadaβs Controlled Goods Program (CGP) β Amazon Web Services (AWS) has released a new whitepaper to help Canadian defense and security customers accelerate their use of the AWS Cloud. The new guide, Using AWS in the Context of Canadaβs Controlled Goods Program (CGP), continues our efforts to help AWS customers navigate the regulatory expectations of the β¦
- Analyze Amazon Cognito advanced security intelligence to improve visibility and protection β As your organization looks to improve your security posture and practices, early detection and prevention of unauthorized activity quickly becomes one of your main priorities. The behaviors associated with unauthorized activity commonly follow patterns that you can analyze in order to create specific mitigations or feed data into your security β¦
π Reddit threads on r/aws
- Dark Mode Console has finally arrived β Announcement: https://aws.amazon.com/about-aws/whats-new/2022/10/dark-mode-support-aws-management-console/ Looks pretty good too, just tried it out
- Happy 10 year birthday to the current IAM policy language version ("Version": "2012-10-17")
- Do some developers actually, REALLY, have no local environment and run everything in AWS? Is the individual cloud dev environment a real alternative to having things running locally? β tl;dr; Is using separate developer AWS accounts with "cloud" development environments to replace local environments a viable solution, or is that just a thing people do in tech demos / only a good theoretical idea? I'm at a point on a project where I'm starting to loose the battle of β¦
- Are there people who really understand everything about IAM service? β I've used AWS for nearly four years -- I have several certs and I think I grasp most IAM concepts. But I would be lying if I told you I grasp all the concepts especially around assumption/passing of roles, STS service, boundaries etc IAM is like this black box that β¦
π Newsletters
π Top Links from Security Folks
- Why Cloud Finance Is Broken and Ineffective β Cloud finance is more βcloudβ than βfinance.β This fundamental misunderstanding leads to very ineffective cloud finance efforts. Hereβs how to fix them.
π "AWS Security" on Google News
π§ IAM permission changes
- glue: 2 new actions | 3 updated actions, 1 updated resource β 2 new actions: ListCrawls (Grants permission to retrieve crawl run history for a crawler), UseGlueStudio (Grants permission to use Glue Studio and access its internal APIs); 3 updated actions: CreateDatabase (resources), TagResource (resources), UntagResource (resources); 1 updated resource: connection (conditions)
- monitron: 2 updated actions β 2 updated actions: AssociateProjectAdminUser (dependents), GetProjectAdminUser (dependents)
- sesv2: 1 new action β 1 new action: GetDedicatedIpPool (Grants permission to get information about a dedicated IP pool)
πͺ API changes
- Amazon DevOps Guru - 4 updated methods β This release adds information about the resources DevOps Guru is analyzing.
- AWS Global Accelerator - 2 new methods β Global Accelerator now supports AddEndpoints and RemoveEndpoints operations for standard endpoint groups.
- AWS Resilience Hub - 2 updated methods β In this release, we are introducing support for regional optimization for AWS Resilience Hub applications. It also includes a few documentation updates to improve clarity.
- CloudWatch RUM - 7 new methods β CloudWatch RUM now supports Extended CloudWatch Metrics with Additional Dimensions
