#7 AWS Weekly Updates (27 Jul 20)

Photo by Robert Larsson on Unsplash

This week’s picks are:

  • Container logs to AWS Elasticsearch
  • CloudFront now provides granular geotargeting
  • Amazon Detective enhances VPC flow logs visibility

Container logs to AWS Elasticsearch

Amazon Elasticsearch is a fully managed service which lets you run ELK stack on the cloud without operational overhead.

CloudFront now provides granular geotargeting

AWS CloudFront now supports additional geolocation headers which can be forwarded to your origin to personalise user experience. Few of the newly supported geolocation headers supported:

  • CloudFront-Viewer-Country-Name: India
  • CloudFront-Viewer-Postal-Code: 395007
  • CloudFront-Viewer-Time-Zone: Asia/Kolkatta
  • CloudFront-Viewer-Latitude: 21.19800
  • CloudFront-Viewer-Longitude: 72.83000

Amazon Detective enhances VPC flow logs visibility

Amazon Detective makes it easy for your team to quickly find the root cause of a security threat or suspicious activity. Other AWS services like GuardDuty, Macie and other partner security products let you determine potential security issue but does not let you dig deep in the issue. Performing RCA on a security finding can be very tedious and time-consuming work, Amazon Detective simplifies the process by creating a unified, interactive view of your resources, users, and the interactions between them over time.

  • What port or network service was in use at that time?
  • Were any large data transfers involved?
  • Was the traffic allowed by my Security Groups?