Issue #92

Monday · November 14, 2022

AWS security blogs

  • Detect and block advanced bot traffic — Automated scripts, known as bots, can generate significant volumes of traffic to your mobile applications, websites, and APIs. Targeted bots take this a step further by targeting website content, such as product availability or pricing. Traffic from targeted bots can result in a poor user experience by competing against legitimate …
  • AWS Security Profile: Param Sharma, Principal Software Engineer — In the weeks leading up to AWS re:Invent 2022, I'm interviewing some of the humans who work in AWS Security, help keep our customers safe and secure, and also happen to be speaking at re:Invent. This interview is with Param Sharma, principal software engineer for AWS Private Certificate Authority (AWS …
  • How to evaluate and use ECDSA certificates in AWS Certificate Manager — AWS Certificate Manager (ACM) is a managed service that enables you to provision, manage, and deploy public and private SSL/TLS certificates that you can use to securely encrypt network traffic. You can now use ACM to request Elliptic Curve Digital Signature Algorithm (ECDSA) certificates and associate the certificates with AWS …

Reddit threads on r/aws

Newsletters

Top Links from Security Folks

"AWS Security" on Google News

IAM permission changes

  • config: 3 new actions | 25 updated actions, 3 updated resources — 3 new actions: GetCustomRulePolicy (Grants permission to return the policy definition containing the logic for your AWS Config Custom Policy rule), GetOrganizationCustomRulePolicy (Grants permission to return the policy definition containing the logic for your organization AWS Config Custom Policy rule), ListConformancePackComplianceScores (Grants permission to return the percentage of compliant rule-resource …
  • backup-storage: 14 new actions — 14 new actions: CommitBackupJob (Grants permission to commit backup job), DeleteObjects (Grants permission to delete objects), DescribeBackupJob (Grants permission to describe backup job), GetBaseBackup (Grants permission to get base backup), GetChunk (Grants permission to get data from a recovery point for a restore job), GetIncrementalBaseBackup (Grants permission to get incremental …
  • geo: 1 new action, 2 new conditions | 9 updated actions, 2 updated resources — 1 new action: GetPlace (Grants permission to find a place by its unique ID); 2 new conditions: geo:DeviceIds (Filters access by the presence of device ids in the request), geo:GeofenceIds (Filters access by the presence of geofence ids in the request); 9 updated actions: BatchDeleteDevicePositionHistory (conditions), BatchDeleteGeofence (conditions), BatchGetDevicePosition (conditions), …

API changes

  • AWS IoT - 1 new 7 updated methods — This release adds the new API listRelatedResourcesForAuditFinding and the new member type IssuerCertificates for IoT Device Defender Audit.
  • AWS License Manager - 2 new methods — AWS License Manager now supports onboarded Management Accounts or Delegated Admins to view granted licenses aggregated from all accounts in the organization.
  • AWS Marketplace Catalog Service - 3 new 1 updated methods — Added three new APIs to support tagging and tag-based authorization: TagResource, UntagResource, and ListTagsForResource. Added optional parameters to the StartChangeSet API to support tagging a resource while making a request to create it.
  • Amazon Rekognition - 2 updated methods — Adding support for ImageProperties feature to detect dominant colors and image brightness, sharpness, and contrast, inclusion and exclusion filters for labels and label categories, new fields to the API response, "aliases" and "categories"
