This article will give you the latest news on AWS security updates, solutions, and other cool stuff published in November 2022. The newest edition of the "AWS Cloud Security Roundup" blog series is now available.

AWS re:Invent took place in Las Vegas in late November. Unfortunately, I could not fly out there. But this month's edition covers all security-related announcements from re:Invent and much more: regional updates, Security Hub, Threat Detection & Response, authentication, and additional changes.


🌏 Regional updates

  • Standardize tags via AWS Organizations tag policies in AWS GovCloud (US) regions
  • Attribute-Based Access Control (ABAC) authentication strategy for AWS Lambda is now available in AWS GovCloud (US)
  • AWS Managed Microsoft AD & AD Connector are now available in the Middle East UAE (me-central-1) region

📊 Security Hub

  • Wiz integration to send findings to Security Hub
  • CIS Benchmarks v1.4 support enabled
  • Bidirectional integration with Jira Service Management Cloud via AWS Service Management Connector
  • AWS IoT Device Defender findings are integrated with Security Hub

🔎 Threat Detection & Response

  • Amazon GuardDuty now detects suspicious login activity to Aurora databases (Preview available in us-east-1, us-east-2, us-west-2, ap-northeast-1 & eu-west-1)
  • Amazon Macie now supports the automated identification of sensitive data across your organization's S3 buckets
  • Amazon Inspector now performs software composition analysis (SCA) to identify software vulnerabilities in package dependencies on AWS Lambda functions
  • AWS SSM Incident Manager integration with Jira Service Management Cloud via AWS Service Management Connector to manage incidents in Jira

🔐 Authentication

  • IAM authentication with short-lived authentication tokens is available for Amazon ElastiCache Redis clusters running version 7.0 and higher
  • Rotate Amazon ElastiCache password via Lambda and Secrets Manager (https://github.com)
  • Amazon ElastiCache simplifies password rotations with Secrets Manager
  • Adjust session management duration (15 minutes - 7 days) for AWS IAM Identity Center via AWS CLI and SDK
  • Certificate-based authentication for Amazon WorkSpaces with SAML 2.0
  • AWS Secrets Manager now supports the rotation of credentials and access tokens every four hours
  • AWS Key Management Service introduces External Key Store (XKS) to enable customers to use their own external key management solution

🆕 Additional changes

  • AWS WAF supports matching on granular ISO 3166 country and region codes, for example awswaf:clientip:geo:region:DE-HE
  • AWS Certificate Manager supports ECDSA P-256 and P-384 TLS certificates
  • AWS Firewall Manager supports discovering pre-existing firewall resources
  • AWS Secrets Manager API requests-per-second limits increased (GetSecretValue and DescribeSecret: 10,000 requests; ListSecrets: 100 requests)
  • AWS Backup Audit Manager now produces aggregated reports on your organization's data protection policies and gathers operational data about backup and recovery activities
  • AWS Audit Manager lets you dive deep into issues via search filters and groupings