#6 AWS Weekly Updates (20 Jul 20)

Photo by Harry Cunningham on Unsplash

This week’s picks are:

  • Amazon Kendra now supports PrivateLink
  • AWS Firewall Manager can now audit security groups
  • New managed rules for AWS Config

To learn more about all the latest updates from AWS visit: https://aws.amazon.com/new/

Amazon Kendra now supports PrivateLink

Want to build a search engine for your company which uses machine learning and understands natural language, use Amazon Kendra. An enterprise-level managed search service powered by machine learning. Just create an index, attach data sources like S3, RDS, SharePoint, Salesforce, OneDrive or other supported sources and deploy it. That’s all and you have a search engine ready to serve within minutes.

With the support of PrivateLink, just create VPC Interface Endpoint and your queries always stay within AWS and you don’t need to set up Internet or NAT Gateway to interact with Kendra. Unlike Gateway Endpoints, Interface Endpoints are not highly available so make sure to create yours in more than one AZ.

Article: Announcing AWS PrivateLink Support for Amazon Kendra

AWS Firewall Manager can now audit security groups

AWS Firewall Manager allows you to centrally manage and configure firewall rules across your accounts within an AWS Organization. You can easily rollout out WAF rules to CloudFront, Application Load Balancer and API Gateway or enable AWS Shield Protection for Load Balancer, EIP and CloudFront.

With the support of VPC Security Groups, customers can now manage security groups attached to EC2 instances or ENIs along with auditing security group rules which are wide open. For eg: All ports open or Source set to 0.0.0.0/0. Besides managed rules, customers can configure their custom rules and will still receive a detailed audit report enlisting which accounts are in violation of rules.

Article: AWS Firewall Manager launches managed rules to audit VPC security groups

New managed rules for AWS Config

AWS Config is a managed service which constantly assesses, monitors and records your AWS service configuration using pre-defined managed rules or by creating your own rules using Lambda function and allows to automate the evaluation of recorded rules. It allows you to review changes with respect to a configuration over a timeline and revert back to a specific configuration in the past.

Some of the new managed rules:

  • alb-waf-enabled: Checks if WAF is always attached to your application load balancer.
  • dax-encryption-enabled: Checks if rest-side encryption is enabled on DynamoDB Accelerator(DAX) cluster.
  • dynamodb-pitr-enabled: Verifies if point-in-time recovery is enabled for DynamoDB tables

And many more such rules are available to ease your audit and compliance management.

Article: AWS Config Launches 28 Additional Managed rules

That’s all for now. Stay tuned to learn more about new weekly releases/updates by AWS.

--

--

--

DevSecOps Practitioner | AWS AAI - Champion | vimalpaliwal.com | skildops.com

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

AWS Serverless Architecture for Dummies

Definition of Custom Software Development & Its Benefits

Things we learned about Cassandra

Show Progress bar on Load More in RecyclerView — show different types of view in the same…

How will we participate in other ecosystem sales?

READ/DOWNLOAD#- Creating Apps in Kivy FULL BOOK PD

HW 3 — Loops and Conditionals

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Vimal Paliwal

Vimal Paliwal

DevSecOps Practitioner | AWS AAI - Champion | vimalpaliwal.com | skildops.com

More from Medium

AWS VPCs Peering:

AWS — GETTING STARTED WITH FREE ACCOUNT

AWS Timestream Multi-Measures

Learn the Hacks for Running Custom Scripts at Spot Termination