Release Date: August 20, 2023
This week TLDR i.e. 2 minutes version (For executives):
AWS CodePipeline now supports GitLab.
AWS IAM Identity Center (successor to AWS Single Sign-On) integration is now generally available for Amazon QuickSight.
AWS Backup Audit Manager now supports delegated backup administrator.
AWS Audit Manager announces integration with Amazon EventBridge.
Trending in Cloud & Cyber Security (News, Blogs etc):
Google has unveiled the first FIDO2 security key implementation with quantum resilience. It ships in OpenSK, Google's open-source security key firmware, and uses a hybrid ECC/Dilithium signature scheme: ECC keeps the proven security against conventional attacks, while Dilithium adds quantum resistance, so the combination offers enhanced protection. The scheme was developed together with ETH Zürich and received the best paper award at the ACNS secure cryptographic implementation workshop. Link.
Interesting AWS Security Blogs on how to automate the review and validation of permissions for users and groups in AWS IAM Identity Center, and on how to use AWS Verified Access logs to write and troubleshoot access policies - Link and Link1.
Cloud Security historian Scott Piper shared that AWS sends out notices if you have GitHub AWS OIDC misconfigurations. This is a welcome change from AWS. There is also a good blog on Hacking GitHub AWS integrations by Daniel Grzelak - Link. (Credits: The following screenshot was shared by Scott Piper. You can find Scott’s Wiz blogs HERE).
Good blog on “How Cloudflare is staying ahead of the AMD vulnerability known as ‘Zenbleed’”. Link.
This week Long i.e. 5-10 minutes version (For architects & engineers):
AWS CodePipeline now supports GitLab. Link. Setting it up is pretty straightforward: you’d need to select GitLab as the “Source provider”.
AWS IAM Identity Center integration is now generally available for Amazon QuickSight (please note that integrating QuickSight with AWS IAM Identity Center using SAML was already possible). Link. There is also an AWS blog on it. Blog Link. You must have AWS Organizations and IAM Identity Center (successor to AWS Single Sign-On) enabled. This capability allows administrators who subscribe to QuickSight to use IAM Identity Center so that their users can log in with their existing credentials. Note that setting this up requires QuickSight to be in the same region as your AWS IAM Identity Center (SSO). Also, the QuickSight account name perhaps needs to be globally unique, because I chose “MyQuickSightAccount” and received an error, so I had to try a different name. Once set up, QuickSight should show up under the “Application” tab of your AWS SSO console. QuickSight also has an account termination protection feature, which is nice. Additionally, I’d also make sure that "quicksight:DeleteAccountSubscription", "quicksight:UpdateAccountSettings" and "sso:DeleteManagedApplicationInstance" access is controlled.
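One way to control that access, as an added example that is not from this post or from AWS: a service control policy that explicitly denies the three actions named above to every principal in the organization except one dedicated administration role (the account ID 111111111111 and the role name QuickSightAdmin are placeholders assumed for this example).

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ProtectQuickSightSubscriptionAndIdentityCenterApp",
      "Effect": "Deny",
      "Action": [
        "quicksight:DeleteAccountSubscription",
        "quicksight:UpdateAccountSettings",
        "sso:DeleteManagedApplicationInstance"
      ],
      "Resource": "*",
      "Condition": {
        "ArnNotLike": {
          "aws:PrincipalArn": "arn:aws:iam::111111111111:role/QuickSightAdmin"
        }
      }
    }
  ]
}
```

SCPs do not apply to principals in the management account, so the same restriction still needs to be enforced there through IAM policies, and a CloudTrail alert on these three actions complements the deny.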
AWS Backup Audit Manager now supports delegated backup administrator. Up to five member accounts can be registered as delegated administrators, who can perform cross-account monitoring and who can manage backup, restore, and copy jobs. You can add the Delegated administrator from the AWS Backup “Settings” page.
AWS Audit Manager announces integration with Amazon EventBridge. Link. This is useful, for example, when a rule detects a delegate's control set review: an email notification to the audit owner can be automated using Amazon SNS, or an AWS Lambda function can notify a Slack channel. Audit Manager events can be archived and replayed, which makes it possible to reprocess events after errors or when new application modules are added.
Security Jobs (Occasional post):
TrustPilot - Platform Security Engineer
GoFundMe - Senior Site Reliability Engineer
Menlo Security - Principal Security Architect (Canada/UK citizens only).
Robinhood - Senior Security Engineer, Cloud Security
Thank You for reading! If you enjoyed this newsletter, I’d be grateful if you could forward it to your professional circle.
Thanks for reading AWS Cloud Security Weekly! Subscribe for free to receive new posts and support my work.