#6 AWS Weekly Updates (20 Jul 20)

Photo by Harry Cunningham on Unsplash

This week’s picks are:

  • AWS Firewall Manager can now audit security groups
  • New managed rules for AWS Config

To learn more about all the latest updates from AWS visit: https://aws.amazon.com/new/

Amazon Kendra now supports PrivateLink

With the support of PrivateLink, just create VPC Interface Endpoint and your queries always stay within AWS and you don’t need to set up Internet or NAT Gateway to interact with Kendra. Unlike Gateway Endpoints, Interface Endpoints are not highly available so make sure to create yours in more than one AZ.

Article: Announcing AWS PrivateLink Support for Amazon Kendra

AWS Firewall Manager can now audit security groups

With the support of VPC Security Groups, customers can now manage security groups attached to EC2 instances or ENIs along with auditing security group rules which are wide open. For eg: All ports open or Source set to 0.0.0.0/0. Besides managed rules, customers can configure their custom rules and will still receive a detailed audit report enlisting which accounts are in violation of rules.

Article: AWS Firewall Manager launches managed rules to audit VPC security groups

New managed rules for AWS Config

Some of the new managed rules:

  • alb-waf-enabled: Checks if WAF is always attached to your application load balancer.
  • dax-encryption-enabled: Checks if rest-side encryption is enabled on DynamoDB Accelerator(DAX) cluster.
  • dynamodb-pitr-enabled: Verifies if point-in-time recovery is enabled for DynamoDB tables

And many more such rules are available to ease your audit and compliance management.

Article: AWS Config Launches 28 Additional Managed rules

That’s all for now. Stay tuned to learn more about new weekly releases/updates by AWS.

Freelancer | Cloud/DevOps | AWS AAI - Champion | vimalpaliwal.com