AWS Cloud Security Weekly

A hands-on style weekly newsletter for cloud security professionals, including executives, focused on the latest cloud security (especially AWS) news/releases/trends.

Issue 88

7 days of Cloud Security, recapped in 7 minutes or less!

Mar 18, 2025

This week's TL;DR, i.e. the 1-minute version (for executives):

  1. Amazon EC2 Allowed AMIs now integrates with AWS Config.

  2. AWS WAF now supports URI fragment field matching.

  3. Amazon Inspector expands ECR support for minimal container base images and enhanced detections.

  4. Amazon GuardDuty Malware Protection for S3 now available in AWS GovCloud (US) Regions.

  5. AWS Service Reference Information now supports resources and condition keys.

  6. AWS Verified Access achieves FedRAMP High and Moderate authorization.

Trending in Cloud & Cyber Security:

  1. AWS Security Blogs & Bulletins:

    • Manage authorization within a containerized workload using Amazon Verified Permissions. Link.

    • Secure cloud innovation starts at re:Inforce 2025. Link.

    • AWS KMS CloudWatch metrics help you better track and understand how your KMS keys are being used. Link.

  2. General security blogs, articles, reports & trending news/advisories:

    • GitLab critical security patch. Link.

    • Inside BRUTED: Black Basta (RaaS) Members Used Automated Brute Forcing Framework to Target Edge Network Devices by Arda Büyükkaya. Link.

    • Harden-Runner detection: tj-actions/changed-files action is compromised by Varun Sharma. Link.

    • Wiz to Join Google Cloud. Link.

    • NEW: Open Cloud Security Conference. Link.

This week's long version, i.e. 3-5 minutes (for architects & engineers):

  1. ‘Allowed AMIs’, an AWS account-wide EC2 setting that restricts AMI usage, now integrates with AWS Config, which allows you to automatically track and detect instances launched with unapproved AMIs using a new AWS Config rule. Link. For example, this is my rule:

  2. AWS WAF now supports URI fragment field matching, allowing you to inspect and match content within the URI fragment alongside the existing URI path support. This feature enhances security by enabling more precise rule creation based on the portion of the URL after the "#" symbol. For instance, if your login page includes a dynamic fragment like "foo://login.aspx#myFragment," you can create a rule that permits only requests containing the "myFragment" fragment while blocking others. This allows for targeted security measures, such as restricting access to sensitive areas, identifying unauthorized attempts, and improving bot detection by analyzing fragment patterns used by malicious actors. Link. For example, here’s my rule:

  3. Amazon Inspector now supports scanning for scratch, distroless (Debian/Ubuntu-based), and Chainguard images, expanding security coverage for minimal and security-focused container bases. Additionally, ECR scanning now includes ecosystems like Go toolchain, Oracle JDK & JRE, Apache Tomcat, WordPress, and more, helping you detect vulnerabilities in third-party software. These enhancements are also available via the Amazon Inspector SBOM Scan API. Link.

  4. AWS announced the availability of Amazon GuardDuty Malware Protection for Amazon S3 in AWS GovCloud (US) regions. This expansion enables scanning of newly uploaded S3 objects for malware, viruses, and other threats, allowing you to detect and isolate suspicious files. Link. Here’s my Gov console:

  5. AWS now includes resources and condition keys in service reference information, offering a more comprehensive view of service permissions. This enhancement simplifies policy management automation by allowing you to retrieve available actions across AWS services from machine-readable files. Link. For example, this is the reference for CloudTrail:

  6. AWS Verified Access achieved FedRAMP High and Moderate authorization. Link.
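
Item 5's machine-readable reference files make it possible to lint IAM policies offline. The sketch below is an added example, not code from the newsletter or from AWS; the field names (`Actions`, `ActionConditionKeys`, `Resources`) are assumed from the published file format, and the CloudTrail sample and the policy statement are constructed.

```python
import fnmatch
import re

# Constructed sample shaped like a per-service reference file; field names are
# assumed from the published format, the values are illustrative only.
TRAIL = {"Resources": [{"Name": "trail"}], "ActionConditionKeys": ["aws:ResourceTag/${TagKey}"]}
REFERENCE = {"Name": "cloudtrail", "Actions": [
    {"Name": "StopLogging", **TRAIL},
    {"Name": "DeleteTrail", **TRAIL},
    {"Name": "LookupEvents"},
]}
# Constructed Deny statement meant to protect tagged trails (note the typo).
STATEMENT = {
    "Effect": "Deny",
    "Action": ["cloudtrail:StopLoging", "cloudtrail:DeleteTrail", "cloudtrail:LookupEvents"],
    "Resource": "arn:aws:cloudtrail:*:*:trail/*",
    "Condition": {"StringEquals": {"aws:ResourceTag/protected": "true"}},
}
# Keys checked per action; other aws:* global keys are assumed always available.
SCOPED = ("aws:resourcetag/", "aws:requesttag/", "aws:tagkeys")

def key_listed(key, templates):
    """Match a condition key against templates such as aws:ResourceTag/${TagKey}."""
    pats = (".+".join(map(re.escape, re.split(r"\$\{[^}]*\}", t))) for t in templates)
    return any(re.fullmatch(p, key, re.IGNORECASE) for p in pats)

def lint_statement(stmt, ref):
    """Return findings for one IAM statement checked against one service reference."""
    service = ref["Name"].lower()
    actions = {a["Name"].lower(): a for a in ref["Actions"]}
    entries = stmt["Action"] if isinstance(stmt["Action"], list) else [stmt["Action"]]
    keys = [k for op in stmt.get("Condition", {}).values() for k in op]
    findings = []
    for entry in entries:
        prefix, _, name = entry.partition(":")
        if prefix.lower() != service:
            continue  # a different service's reference file covers this entry
        matched = fnmatch.filter(actions, name.lower())
        if not matched:
            findings.append(f"{entry}: unknown action, this {stmt['Effect']} matches nothing")
        for act in (actions[m] for m in matched):
            label = f"{service}:{act['Name']}"
            if not act.get("Resources") and stmt.get("Resource", "*") != "*":
                findings.append(f"{label}: no resource-level support, use Resource *")
            for k in keys:
                scoped = k.lower().startswith(SCOPED + (service + ":",))
                if scoped and not key_listed(k, act.get("ActionConditionKeys", [])):
                    findings.append(f"{label}: condition key {k} not listed for action")
    return findings
```

On the constructed statement, `lint_statement(STATEMENT, REFERENCE)` reports the misspelled `StopLoging`, which would leave the Deny silently ineffective, plus the resource and condition-key mismatches on `LookupEvents`.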

By AWS-CloudSec Weekly Newsletter · Launched 2 years ago
© 2025 AJ