This week's TL;DR, i.e. the 1-minute version (for executives):
AWS Control Tower now has 223 new AWS Config rules.
IAM Identity Center releases new SDK plugin to streamline token exchange with an external Identity Provider.
Trending in Cloud & Cyber Security:
AWS Security Blogs & Bulletins:
General security blogs, articles, reports & trending news/advisories:
IAM Role Trust Policies: Misconfigurations Hiding in Plain Sight by Eliav Livneh.
Campaign Targets Amazon EC2 Instance Metadata via SSRF by Merlyn Albery-Speyer.
Gaining Long-Term AWS Access with CodeBuild and GitHub by Adan.
The Future of Cloud & Security Operations: Analyzing PANW’s Cortex Cloud Bet by Francis Odum.
This week's long version, i.e. the 3-5 minute version (for architects & engineers):
AWS Control Tower now supports 223 additional managed Config rules in the Control Catalog, covering use cases such as security, cost optimization, durability, and operations. This update allows you to search, discover, enable, and manage these new rules directly within AWS Control Tower, enabling broader governance across your multi-account environment.
IAM Identity Center has introduced a new SDK plugin that streamlines AWS resource authorization for applications using external identity providers (IdPs) like Microsoft Entra ID, Okta, and others. Supporting trusted identity propagation (TIP), the plugin simplifies the process of exchanging external IdP tokens for IAM Identity Center tokens. These tokens enable fine-grained access to AWS resources, such as Amazon S3, based on user and group memberships defined in the external IdP.