AWS Morning Brief

AWS Morning Brief for the week of August 28, 2023, with Corey Quinn. Links:Amazon Aurora Global Database introduces Global Database FailoverAmazon ElastiCache for Memcached simplifies creating new clusters in the AWS Management ConsoleImprovements to multi-account management for Amazon GuardDutyAWS Certificate Manager introduces Enterprise Controls to help govern certificate issuanceAWS Cost Explorer announces support for AWS Billing ConductorAWS Microservice Extractor now supports visualizing very large enterprise applicationsAWS re:Post launches an enhanced search experienceAnnouncing AWS ROSA console support for the ROSA with hosted control planes previewEC2 Hibernate now supports Amazon EC2 M7i and M7i-flex instancesManage Cost Allocation Tags with Last-Updated and Last-Used timestamps Protecting an AWS Lambda function URL with Amazon CloudFront and Lambda@Edge Choose AWS Graviton and cloud storage for your Ethereum nodes infrastructure on AWS How Amazon Finance Technologies built an event-driven and scalable remittance service using Amazon DynamoDBUpgrade from Amazon Aurora Serverless v1 to v2 with minimal downtimeNext Big Things for Retail – Generative AI leads the pack but isn’t aloneExplain medical decisions in clinical settings using Amazon SageMaker ClarifyBuild a serverless store finder site using Amazon Location ServiceConfiguring client IP address preservation with a Network Load Balancer in AWS Global Accelerator How to use pulse-level control on OQC’s superconducting quantum computerAWS Digital Sovereignty Pledge: Announcing new dedicated infrastructure options

Last week in security news: Short session expiration does not help security, How to use AWS Verified Access logs to write and troubleshoot access policies, This week's S3 Bucket Negligence Award, and more!Links:A UK contractor wins this week's S3 Bucket Negligence Award.What happens when a Zero Day and Access Keys Collide in the Cloud.Short session expiration does not help securityHow to use AWS Verified Access logs to write and troubleshoot access policiesIAMbic purports to be able to alert you to changes to IAM polices via consuming CloudTrail logs

AWS Morning Brief for the week of August 21, 2023 with Corey Quinn. Links:Corey is performing a live Q&A next month; submit your questions here!Amazon Polly launches new Gulf Arabic male NTTS voiceAWS HealthOmics supports cross-account sharing of omics analytics stores New – Amazon EC2 M7a General Purpose Instances Powered by 4th Gen AMD EPYC ProcessorsAmazon OpenSearch Serverless expands support for larger workloads and collections Reduce Lambda cold start times: migrate to AWS SDK for JavaScript v3 Architecting for Resilience in the cloud for critical railway systems How Amazon Shopping uses Amazon Rekognition Content Moderation to review harmful images in product reviewsZero-shot text classification with Amazon SageMaker JumpStartBuild a multi-account access notification system with Amazon EventBridgeGetting Started with CloudWatch agent and collectd Cost considerations and common options for AWS Network Firewall log managementAddressing gender inequity in the technology industry 

Last week in security news: Cloudonaut has an overview of AWS's security monitoring services, Chris Farris talks about Defining the Sensitive IAM Actions, What’s new in the world of tools, and more!Links:Cloudonaut has an overview of AWS's security monitoring servicesA deep exploration into how you can really screw up integrating GitHub with AWS.Chris Farris talks about Defining the Sensitive IAM Actions.AWS Security Profile: Get to know the AWS Identity Solutions team CVE-2023-20569 - RAS Poisoning - Inception - Paired with CVE-2022-40982 AVID is an AI Vulnerability Database.TinderSec threw up a scanner on GitHub so you can see if you've fallen prey to one of the classic OICD permissions blunders.

AWS Morning Brief Extras edition for the week of August 16, 2023.Want to give your ears a break and read this as an article? You’re looking for this link.https://www.lastweekinaws.com/blog/the-amazon-prime-day-2023-aws-bill/Never miss an episodeJoin the Last Week in AWS newsletterSubscribe wherever you get your podcastsHelp the showLeave a reviewShare your feedbackSubscribe wherever you get your podcastsBuy our merch https://store.lastweekinaws.comWhat's Corey up to?Follow Corey on Twitter (@quinnypig)See our recent work at the Duckbill GroupApply to work with Corey and the Duckbill Group to help lower your AWS bill

The podcast covers topics such as Amazon's approach to returning to the office, the use of Tail Scale for building trusted networks, and various AWS announcements including email notifications for AWS Artifact and the launch of the AWS Backup air-gapped vault preview

Last week in security news: People are still discovering some effects of the latest Azure security breach, Introducing the first AWS Security Heroes, How to Receive Alerts When Your IAM Configuration Changes, and more!Links:Following the latest Azure breach, the CEO of Tenable says they can see banking customer credentials even now.Introducing the first AWS Security HeroesHow to Receive Alerts When Your IAM Configuration Changes Perform continuous vulnerability scanning of AWS Lambda functions with Amazon InspectorRecent Software-based Power Side-Channel Security Research You can totally use AWS's SSM agent as post-exploitation RAT malware

AWS Morning Brief Extras edition for the week of August 8, 2023.Want to give your ears a break and read this as an article? You’re looking for this link.https://www.lastweekinaws.com/blog/breaking-aws-begins-charging-for-public-ipv4-addresses/Never miss an episodeJoin the Last Week in AWS newsletterSubscribe wherever you get your podcastsHelp the showLeave a reviewShare your feedbackSubscribe wherever you get your podcastsBuy our merch https://store.lastweekinaws.comWhat's Corey up to?Follow Corey on Twitter (@quinnypig)See our recent work at the Duckbill GroupApply to work with Corey and the Duckbill Group to help lower your AWS bill

AWS Morning Brief for the week of August 7, 2023 with Corey Quinn. Links:In Amazon's earnings call, Andy Jassy said that every Amazon team is working on Generative AIAmazon Route 53 adds support for 14 additional Top-Level Domains AWS NAT Gateway is now available in the AWS US West Phoenix Local ZoneAmazon EBS announces up to 128 volume attachments per EC2 instanceIntroducing Amazon EC2 M7i-flex and M7i instancesAmazon EventBridge Scheduler adds schedule deletion after completionAWS Application Composer updates: Undo and Redo, Export Canvas, and Local Sync ModeNow Open – AWS Israel (Tel Aviv ) RegionPrime Day 2023 Powered by AWS – All the Numbers Estimate cost savings for the Amazon Aurora I/O-Optimized feature using Amazon CloudWatch Empowering your workforce with Amazon WorkSpaces services and Microsoft 365Exploring Fn::ForEach and Fn::FindInMap enhancements in AWS CloudFormation Identify and optimize public IPv4 address usage on AWS 

Last week in security news: Patch your Ubuntu cloud workloads, Azure faces backlash following that stolen Microsoft signing key, IAM Roles Anywhere credential helper adds support for OS certificate stores, and more!Links:You almost certainly want to patch your Ubuntu cloud workloadsIf you care about what that stolen Microsoft signing key was capable of, Azure really wishes you would stop askingSenator Wyden is calling for Azure to be held responsible.In a frantic scramble, Azure is expanding access to cloud logging data for free IAM Roles Anywhere credential helper adds support for OS certificate storesCVE-2023-20593This handy script fetches SSO permission assignments.