Issue 38 of AWS Cloud Security Weekly
AJ
Posted on April 2, 2024
(Summary of Issue 38 of AWS Cloud Security weekly @ https://aws-cloudsec.com/p/issue-38 << Subscribe to receive the full version in your inbox weekly).
What happened in AWS CloudSecurity & CyberSecurity last week March 19-April 1, 2024?
- AWS Identity and Access Management (IAM) Roles Anywhere credentials can now remain valid for up to 12 hours, allowing you to authenticate any AWS request. Previously, the temporary credentials were valid for only 1 hour, but now it ranges from 15 minutes to 12 hours. The default duration remains at 1 hour, but you can optimize the number of CreateSession requests to IAM Roles Anywhere by extending the validity period as needed.
- You now have the option to configure all future launches of Amazon EC2 instances in your account to utilize Instance Metadata Service Version 2 (IMDSv2) as the default setting. IMDSv2 represents an enhancement that introduces session-oriented requests, bolstering security measures against unauthorized access to metadata. Previously, to enforce IMDSv2-only access, you had to either utilize the IMDS Amazon Machine Image (AMI) property, configure Instance Metadata Options during instance launch, or employ the ModifyInstanceMetadataOptions API to update instances post-launch.
- Now, you have the capability to employ both GitLab and GitLab Self Managed as the source provider for your CodeBuild projects. This means you can trigger builds based on modifications made to source code stored within your GitLab repositories.
- AWS Control Tower customers operating in the AWS GovCloud (US) Regions can now use APIs to programmatically manage controls, perform landing zone operations, and extend governance to organizational units (OUs).
- AWS has officially launched Amazon GuardDuty EC2 Runtime Monitoring, enhancing threat detection capabilities for EC2 instances during runtime. This feature complements GuardDuty's existing anomaly detection by continuously monitoring VPC Flow Logs, DNS query logs, and AWS CloudTrail management events. With this update, users gain visibility into on-host, OS-level activities, and container-level context for identified threats
Trending on the news & advisories:
- CISA & RedHat warn of xz-backdoor-CVE-2024-3094.
- CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities.
- Defense Industrial Base Cybersecurity strategy 2024
💖 💪 🙅 🚩
AJ
Posted on April 2, 2024
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.