AWS Morning Brief for the week of August 28, 2023, with Corey Quinn. Links: Amazon Aurora Global Database introduces Global Database Failover Amazon ElastiCache for Memcached simplifies creating new clusters in the AWS Management Console Improvements to multi-account management for Amazon GuardDuty AWS Certificate Manager introduces Enterprise Controls to help govern certificate issuance AWS Cost Explorer announces support for AWS Billing Conductor AWS Microservice Extractor now supports visuali...
Aug 28, 2023•6 min•Ep 563•Transcript available on Metacast Last week in security news: Short session expiration does not help security, How to use AWS Verified Access logs to write and troubleshoot access policies, This week's S3 Bucket Negligence Award, and more! Links: A UK contractor wins this week's S3 Bucket Negligence Award . What happens when a Zero Day and Access Keys Collide in the Cloud . Short session expiration does not help security How to use AWS Verified Access logs to write and troubleshoot access policies IAMbic purports to be able to a...
Aug 24, 2023•2 min•Ep 562•Transcript available on Metacast AWS Morning Brief for the week of August 21, 2023 with Corey Quinn. Links: Corey is performing a live Q&A next month; submit your questions here ! Amazon Polly launches new Gulf Arabic male NTTS voice AWS HealthOmics supports cross-account sharing of omics analytics stores New Amazon EC2 M7a General Purpose Instances Powered by 4th Gen AMD EPYC Processors Amazon OpenSearch Serverless expands support for larger workloads and collections Reduce Lambda cold start times: migrate to AWS SDK for J...
Aug 21, 2023•6 min•Ep 561•Transcript available on Metacast Last week in security news: Cloudonaut has an overview of AWS's security monitoring services, Chris Farris talks about Defining the Sensitive IAM Actions, Whats new in the world of tools, and more! Links: Cloudonaut has an overview of AWS's security monitoring services A deep exploration into how you can really screw up integrating GitHub with AWS . Chris Farris talks about Defining the Sensitive IAM Actions . AWS Security Profile: Get to know the AWS Identity Solutions team CVE-2023-20569 - RAS...
Aug 17, 2023•4 min•Ep 560•Transcript available on Metacast AWS Morning Brief Extras edition for the week of August 16, 2023 . Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/the-amazon-prime-day-2023-aws-bill/ Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow Corey on T...
Aug 16, 2023•11 min•Ep 559•Transcript available on Metacast AWS Morning Brief for the week of August 14, 2023, with Corey Quinn. Links: Amazon's approach to RTO Amazon Interactive Video Service announces Real-Time Streaming Amazon MSK Serverless expands availability to three additional AWS Regions Amazon VPC now supports primary IPv6 address on an elastic network interface AWS Artifact launches email notifications Announcing AWS Backup logically air-gapped vault (Preview) Mountpoint for Amazon S3 is now generally available Network Load Balancer now suppo...
Aug 14, 2023•6 min•Ep 558•Transcript available on Metacast Last week in security news: People are still discovering some effects of the latest Azure security breach, Introducing the first AWS Security Heroes, How to Receive Alerts When Your IAM Configuration Changes, and more! Links: Following the latest Azure breach, the CEO of Tenable says they can see banking customer credentials even now . Introducing the first AWS Security Heroes How to Receive Alerts When Your IAM Configuration Changes Perform continuous vulnerability scanning of AWS Lambda functi...
Aug 10, 2023•4 min•Ep 557•Transcript available on Metacast AWS Morning Brief Extras edition for the week of August 8, 2023 . Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/breaking-aws-begins-charging-for-public-ipv4-addresses/ Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to...
Aug 09, 2023•5 min•Ep 556•Transcript available on Metacast AWS Morning Brief for the week of August 7, 2023 with Corey Quinn. Links: In Amazon's earnings call, Andy Jassy said that every Amazon team is working on Generative AI Amazon Route 53 adds support for 14 additional Top-Level Domains AWS NAT Gateway is now available in the AWS US West Phoenix Local Zone Amazon EBS announces up to 128 volume attachments per EC2 instance Introducing Amazon EC2 M7i-flex and M7i instances Amazon EventBridge Scheduler adds schedule deletion after completion AWS Applic...
Aug 07, 2023•6 min•Ep 555•Transcript available on Metacast Last week in security news: Patch your Ubuntu cloud workloads, Azure faces backlash following that stolen Microsoft signing key, IAM Roles Anywhere credential helper adds support for OS certificate stores, and more! Links: You almost certainly want to patch your Ubuntu cloud workloads If you care about what that stolen Microsoft signing key was capable of, Azure really wishes you would stop asking Senator Wyden is calling for Azure to be held responsible. In a frantic scramble, Azure is expandin...
Aug 03, 2023•3 min•Ep 554•Transcript available on Metacast AWS Morning Brief for the week of July 31, 2023, with Corey Quinn. Links: The new Amazon Chime 5 on Windows, macOS, and web is coming soon - Amazon Chime Help Center Access and Query are now generally available for Amazon Managed Blockchain AWS Lambda adds support for Python 3.11 AWS Entity Resolution: Match and Link Related Records from Multiple Applications and Data Stores New Amazon EC2 P5 Instances Powered by NVIDIA H100 Tensor Core GPUs for Accelerating Generative AI and HPC Applications Ne...
Jul 31, 2023•8 min•Ep 553•Transcript available on Metacast Last week in security news: A Guide to S3 Logging, Optimize AWS Config for AWS Security Hub, Amazon Told Drivers Not to Worry About In-Van Surveillance Cameras. Now Footage Is Leaking Online, and More! Links: Guide to S3 Logging Good on JumpCloud for disclosing a breach by some state-backed APT hacking group, but I learned about it from this article, and I'm a JumpCloud customer. Charlie Bel issued a security roadmap for Microsoft: Protect Azure DevOps secrets is the first item on it. What a nov...
Jul 27, 2023•3 min•Ep 552•Transcript available on Metacast AWS Morning Brief for the week of July 24 2023 with Corey Quinn. Links: Amazon CodeCatalyst now supports workflows triggered by GitHub pull Amazon S3 Inventory can include ACLs as object metadata in inventory reports Amazon SNS can now deliver mobile push notifications in twelve new regions Introducing Analytics on Amazon Lex AWS Mainframe Modernization service is now PCI DSS Compliant Best Practices for Developing an AWS Co-Sell Program Amazon Route 53 Resolver Now Available on AWS Outposts Rac...
Jul 24, 2023•7 min•Ep 551•Transcript available on Metacast Last week in security news: An Amazon senior security engineer was indicted in a $9M digital currency heist, Microsoft had one heck of a breach, this weeks S3 Bucket Negligence Award, and more! Links: A write-up of someone's experience going through the publicly available flAWS 1&2 labs Signs of the recent Microsoft breach in your account are tied to an enhanced level of license . An Amazon senior security engineer was indicted in a $9M digital currency heist A far-right publisher earned thi...
Jul 20, 2023•3 min•Ep 550•Transcript available on Metacast AWS Morning Brief Extras edition for the week of July 19, 2023 . Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/its-extremely-likely-you-should-not-use-govcloud/ Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follo...
Jul 19, 2023•6 min•Ep 549•Transcript available on Metacast AWS Morning Brief for the week of July 17, 2023 with Corey Quinn. Links: Bullying ChatGPT into ranking the US Presidents by absorbency AWS CodeBuild now supports GitHub Actions AWS Lambda now detects and stops recursive loops in Lambda functions AWS Fault Injection Simulator supports chaos engineering experiments on Amazon EKS Pods AWS announces inaugural State and Local Government Champions...
Jul 17, 2023•4 min•Ep 548•Transcript available on Metacast Last week in security news: A deep dive into the DomainNetworks Snail Mail Scam by Krebs on Security, Tailscale is putting their terms and conditions on GitHub, The Tool/ Lesson of the Week, and more! Links: A deep dive into who's behind the DomainNetworks Snail Mail Scam by Krebs on Security. Tailscale is putting its terms and conditions on GitHub and invites users to subscribe to see diffs instead of legalese. Three ways to accelerate incident response in the cloud: insights from re:Inforce 20...
Jul 13, 2023•3 min•Ep 547•Transcript available on Metacast AWS Morning Brief for the week of July 10, 2023 with Corey Quinn. Links: Last week I railed against what appeared to be AWS Transfer Family creating a new logging format . Last Week in AWS Job Board Amazon CloudWatch now supports dashboard variables Amazon DynamoDB now simplifies and lowers the cost of handling failed conditional writes Mountpoint for Amazon S3 adds support for creating new files AWS Systems Manager Parameter Store increases API throughput limit Announcing DynamoDB local version...
Jul 10, 2023•5 min•Ep 546•Transcript available on Metacast Last week in security news: The Password Game, Customer Compliance Guides Now Available on AWS Artifact, The Tool of the Week, and more! Links: The Password Game LastPass has apparently locked customers out due to MFA resets . Customer Compliance Guides now available on AWS Artifact Tool of the Week: findmytakeover...
Jul 06, 2023•2 min•Ep 545•Transcript available on Metacast AWS Morning Brief Extras edition for the week of July 5, 2023 . Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow Corey on Twitter (@quinnypig) See our recent work at the Duckbill Group Apply to work with Corey and the Duckbill Group to help lower your AWS bill...
Jul 05, 2023•6 min•Ep 544•Transcript available on Metacast AWS Morning Brief for the week of July 3, 2023 with Corey Quinn. Links: AWS Lambda simplifies copying environment variables in the console code editor What is a spam trap and why you should care? How we learned to program with atoms in 24 hours flat Running an SSH server on AWS RoboMaker New training series: Starting your Career with AWS Cloud AWS to remove 62,000-message Simple Email Service 'always free' tier from August 2023 AWS continues to invest in Ohio The INFORM Consumers Act takes effec...
Jul 03, 2023•3 min•Ep 543•Transcript available on Metacast Last week in security news: 'Muddled Libra' Uses Oktapus-Related Smishing to Target Outsourcing Firms, Issue with AWS Directory Service EnableRoleAccess, S3 buckets being used in attacks on npm packages, and more! Links: This collection of best practices for managing root users at scale in AWS is worth a read 'Muddled Libra' Uses Oktapus-Related Smishing to Target Outsourcing Firms . 1Health is this week's winner of the S3 Bucket Negligence Award Barracuda advises customers to rip the entire dev...
Jun 29, 2023•3 min•Ep 542•Transcript available on Metacast AWS Morning Brief for the week of June 26, 2023 with Corey Quinn. Links: The FTC comment period about the business of cloud computing ended Amazon warehouse practices are now the focus of a senate probe The FTC is suing Amazon for its Prime enrollment dark patterns Amazons iRobot acquisition is now the subject of an EU investigation The launch of Amazon Clinic is being delayed after the senate asked some hard questions Announcing Amazon EC2 Hpc7g instances AWS Lambda supports starting from times...
Jun 26, 2023•6 min•Ep 541•Transcript available on Metacast Last week in security news: Videos from fwd:cloudsec are now available on YouTube, AWS announces AWS Payment Cryptography, Amazon CodeGuru Security is now available in preview, and more! Links: There was lots of great content presented at fwd:cloudsec. The day-long videos are up on YouTube. You can use the schedule to help find the talks you're interested in. In contrast to AWS's "Shared Responsibility Model", I appreciate GCP's "Shared Fate Model" where they put their own skin in the game in en...
Jun 22, 2023•7 min•Ep 540•Transcript available on Metacast AWS Morning Brief Extras edition for the week of June 21, 2023 . Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/ftc-request-answered-how-cloud-providers-do-business Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Fo...
Jun 21, 2023•14 min•Ep 539•Transcript available on Metacast AWS Morning Brief for the week of June 20th, 2023 with Scott Piper filling in for Corey Quinn. Links: AWS announces scripts to bulk updates policies per new AWS Billing and Cost Management permissions Amazon QuickSight now supports APIs to automate and accelerate assets deployment Amazon Rekognition improves face search accuracy with user vectors AWS Config supports recording exclusions by resource type Falcon 40B foundation model from TII available on SageMaker JumpStart Amazon EMR supports pri...
Jun 20, 2023•4 min•Ep 538•Transcript available on Metacast Last week in security news: CloudFlare had a Confused Deputy Vulnerability, Moving Away from IAM Identity Center, AWS KMS now supports importing asymmetric and HMAC keys, and more! Links: CloudFlare had a Confused Deputy Vulnerability As I move away from IAM Identity Center, I find it interesting that a lot of folks I respect are doing similar things. I was going to drag this otherwise awesome article disclosing the vulnerability they located within AWS CDK's eks.Cluster component. AWS KMS now s...
Jun 15, 2023•5 min•Ep 537•Transcript available on Metacast AWS Morning Brief for the week of June 12, 2023 with Corey Quinn. Links: AWS CloudTrail Lake now supports selective start or stop ingestion of CloudTrail events AWS Glue for Ray is now generally available AWS Lambda adds support for Ruby 3.2 AWS Mainframe Modernization service is now HIPAA eligible Announcing AWS Snowblade for U.S Department of Defense JWCC AWS Trusted Advisor adds new checks for Amazon EFS Announcing the general availability of AWS Database Migration Service Serverless Announci...
Jun 12, 2023•8 min•Ep 536•Transcript available on Metacast Last week in security news: Thinkst Canary's Thinkstscapes, Multiple S3 Bucket Negligence Awards, Credit Card Payment Processing on AWS, and more! Links: Thinkst Canary's Thinkstscapes It's been a while since we've seen a strong, confirmed S3 Bucket Negligence Award , but Toyota has a massive one dating back a decade. Oof, looks like Google's CloudSQL product had a vulnerability that would allow an attacker to escalate to GCP control plane permissions . Holy... Legion malware expands scope to ta...
Jun 08, 2023•5 min•Ep 535•Transcript available on Metacast AWS Morning Brief Extras edition for the week of June 7, 2023. Want to give your ears a break and read this as an article? Youre looking for this link. https://www.lastweekinaws.com/blog/17-final-ways-to-run-containers/ Never miss an episode Join the Last Week in AWS newsletter Subscribe wherever you get your podcasts Help the show Leave a review Share your feedback Subscribe wherever you get your podcasts Buy our merch https://store.lastweekinaws.com What's Corey up to? Follow Corey on Twitter ...
Jun 07, 2023•9 min•Ep 534•Transcript available on Metacast 
