Issue 61 of AWS Cloud Security Weekly

(This is just the highlight of Issue 61 of AWS Cloud Security weekly @ https://aws-cloudsec.com/p/issue-61 << Subscribe to receive the full version in your inbox weekly for free!!)

What happened in AWS CloudSecurity & CyberSecurity last week September 03- September 11, 2024?

• AWS Resource Access Manager (AWS RAM) now integrates with AWS PrivateLink. This allows you to create and manage resource shares directly within the Virtual Private Cloud (VPC) without needing to use the public internet.
• Amazon S3 Access Grants now include support for a new API, ListCallerAccessGrants which enables IAM principals and AWS IAM Identity Center (IdC) end users to view all S3 buckets, prefixes, and objects they can access according to their S3 Access Grants. You can also leverage ListCallerAccessGrants to develop applications that identify and act upon data accessible to specific end users. The Storage Browser for Amazon S3, an open-source UI component that can be integrated into applications, uses ListCallerAccessGrants to display the S3 data accessible to end users based on their S3 Access Grants.
• Amazon S3 announced the alpha release of Storage Browser for S3, an open-source component that integrates with web applications to offer a user-friendly interface for managing data stored in S3. Storage Browser for S3 ensures that only data the users are permitted to access is displayed. The access control is managed through AWS security and identity services.
• Amazon DynamoDB now supports Attribute-Based Access Control (ABAC) for tables and indexes. Tag-based access conditions enable you to permit or restrict specific actions based on whether the tags on an Amazon DynamoDB table match the tags of AWS Identity and Access Management (IAM) principals. This tag-based flexibility allows for more granular control over access permissions.