Issue #98
Monday · December 26, 2022
🥗 AWS security blogs
- 2022 PiTuKri ISAE 3000 Type II attestation report available with 154 services in scope — Amazon Web Services (AWS) is pleased to announce the second issuance of the Criteria to Assess the Information Security of Cloud Services (PiTuKri) International Standard on Assurance Engagements (ISAE) 3000 Type II attestation report. The scope of the report covers a total of 154 services and 24 global AWS Regions. …
- 2022 FINMA ISAE 3000 Type II attestation report now available with 154 services in scope — Amazon Web Services (AWS) is pleased to announce the third issuance of the Swiss Financial Market Supervisory Authority (FINMA) International Standard on Assurance Engagements (ISAE) 3000 Type II attestation report. The scope of the report covers a total of 154 services and 24 global AWS Regions. The latest FINMA ISAE …
- AWS CIRT announces the release of five publicly available workshops — Greetings from the AWS Customer Incident Response Team (CIRT)! AWS CIRT is dedicated to supporting customers during active security events on the customer side of the AWS Shared Responsibility Model. Over the past year, AWS CIRT has responded to hundreds of such security events, including the unauthorized use of AWS …
- Introducing the Security Design of the AWS Nitro System whitepaper — AWS recently released a whitepaper on the Security Design of the AWS Nitro System. The Nitro System is a combination of purpose-built server designs, data processors, system management components, and specialized firmware that serves as the underlying virtualization technology that powers all Amazon Elastic Compute Cloud (Amazon EC2) instances launched …
🍛 Reddit threads on r/aws
- Amazon RDS announces integration with AWS Secrets Manager
- AWS graviton t4g.small is again free until the end of next year!
- Happy Holidays AWS people — Happy holidays to one and all of you beautiful people on here. May your 2023 be filled with less demanding prs and all the time in the world to innovate.
- What's the point of paying for CodeCommit when BitBucket/GitHub have free, private repos? — According to this , CodeCommit is only free if you have 5 or less users. Otherwise it is $1 per user per month. My understanding is that Github and BitBucket have private repos, for free, with no such limitations. What is the benefit of paying for CodeCommit when I can …
📌 #AdventOfCloudSecurity
- @ vito Check out # AdventOfCloudSecurity day 10 https:// infosec.exchange/@christophetd /109491506163807997 you are looking for "IAM Roles for Service Accounts"
- 🗓️ December 24th # AdventOfCloudSecurity Together with @ houston and @ rami we wrote an analysis of over 50 publicly disclosed cloud breaches of 2022! https:// securitylabs.datadoghq.com/art icles/public-cloud-breaches-2022-mccarthy-hopkins/ Merry Christmas to everyone who celebrates it!
📌 "AWS Security" on Google News
📌 AWS IP Ranges Updates
- AWS IP Ranges update for 2022-12-13 14:03:10 — Changed by +512 Added 99.151.186.0/23
- AWS IP Ranges update for 2022-12-13 14:33:08 — Changed by +512 Added 99.151.188.0/23
🧁 IAM permission changes
- rds: 1 new condition | 6 updated actions — 1 new condition: rds:ManageMasterUserPassword (Filters access by the value that specifies whether RDS manages master user password in AWS Secrets Manager for the DB instance or cluster); 6 updated actions: CreateDBCluster (dependents, conditions), CreateDBInstance (dependents, conditions), ModifyDBCluster (dependents, conditions), RestoreDBClusterFromS3 (dependents, conditions), RestoreDBInstanceFromS3 (dependents, conditions), ModifyDBInstance (conditions, dependents)
- compute-optimizer: 3 new actions — 3 new actions: ExportECSServiceRecommendations (Grants permission to export ECS service recommendations to S3 for the provided accounts), GetECSServiceRecommendationProjectedMetrics (Grants permission to get the recommendation projected metrics of the specified ECS service), GetECSServiceRecommendations (Grants permission to get recommendations for the provided ECS services)
- sso: 1 new action — 1 new action: PutApplicationAssignmentConfiguration (Grants permission to add assignment configurations to an application)
🍪 API changes
- AWS Compute Optimizer - 3 new 6 updated methods — This release enables AWS Compute Optimizer to analyze and generate optimization recommendations for ecs services running on Fargate.
- Amazon Connect Service - 1 new methods — Amazon Connect Chat introduces the Idle Participant/Autodisconnect feature, which allows users to set timeouts relating to the activity of chat participants, using the new UpdateParticipantRoleConfig API.
- AWS IoT Core Device Advisor - 1 updated methods — This release adds the following new features: 1) Documentation updates for IoT Device Advisor APIs. 2) Updated required request parameters for IoT Device Advisor APIs. 3) Added new service feature: ability to provide the test endpoint when customer executing the StartSuiteRun API.
- Amazon Relational Database Service - 25 updated methods — Add support for managing master user password in AWS Secrets Manager for the DBInstance and DBCluster.
