DEV Community

AJ

Issue 34 of AWS Cloud Security Weekly

(Summary of Issue 34 of AWS Cloud Security Weekly @ https://aws-cloudsec.com/p/issue-34)

  1. Amazon Relational Database Service (Amazon RDS) for MariaDB now supports MariaDB minor versions 10.11.7, 10.6.17, 10.5.24, and 10.4.33. Updating to the most recent minor versions is advisable because they address security vulnerabilities present in earlier MariaDB releases. Upgrading also brings the bug fixes, performance improvements, and new features introduced by the MariaDB community.

  2. AWS announced expanded log coverage for Amazon Security Lake, which now includes Amazon Elastic Kubernetes Service (Amazon EKS) audit logs. Security Lake can automatically centralize and normalize Amazon EKS audit logs, which simplifies monitoring and investigating potentially suspicious activity in your Amazon EKS clusters.

  3. Amazon Linux 2023 (AL2023) is now generally available on Amazon Elastic Kubernetes Service (EKS). AL2023, the latest version of Amazon Linux from Amazon Web Services, is designed to provide a secure, stable, and high-performance environment for developing and running cloud applications. EKS users can adopt AL2023 through the standard AL2023-based EKS optimized Amazon Machine Image (AMI) with Managed Node Groups, self-managed nodes, and Karpenter.

  4. AWS WAF now supports configurable evaluation time windows for request aggregation in rate-based rules. Rate-based rules count incoming requests and rate limit the sources that exceed the specified threshold. Before this update, AWS WAF always aggregated requests over a fixed 5-minute window when evaluating these rules. You can now choose a 1-minute, 2-minute, or 10-minute window in addition to the existing 5-minute window, depending on the needs of your application. A shorter evaluation window may be more effective for swiftly identifying and blocking spikes in high-traffic applications, while a longer window might be better suited for applications with less frequent access.

  5. Amazon WorkSpaces now supports the WebAuthn (Web Authentication) standard for in-session authentication. Users can authenticate to web applications that support WebAuthn through redirection when using Chrome or Edge on their Windows WSP WorkSpaces. This functionality is available across the WorkSpaces Windows, macOS, and Linux client applications, and it is compatible with authenticators such as YubiKey, Windows Hello, and other FIDO2-compliant devices. Organizations can use this standard to strengthen security and prevent unauthorized access to sensitive company data on WorkSpaces.

  6. AWS Backup now supports restore testing for Amazon Aurora continuous backups. The restore testing feature in AWS Backup runs automated, regular restore tests on backed-up AWS resources. AWS Backup is a fully managed service that streamlines and automates data protection for various AWS services and hybrid workloads. This enhancement lets you assess recovery readiness, prepare for potential data loss scenarios, and gauge the duration of restore jobs for Amazon Aurora continuous backups, helping meet compliance or regulatory requirements.
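
To make the window trade-off in item 4 concrete, here is an added example (not from the newsletter or from AWS) that replays constructed request timestamps against the four window sizes. It assumes a simplified trailing-window counter, which is not AWS WAF's actual evaluation logic, and an assumed policy of 100 requests per minute scaled to each window.

```python
from collections import deque

# Evaluation windows (seconds) named in item 4: 1, 2, 5 and 10 minutes.
WINDOWS = (60, 120, 300, 600)
RATE_PER_MIN = 100  # assumed policy: same average rate for every window


def first_block_time(timestamps, window_sec, limit):
    """Return the first timestamp at which more than `limit` requests fall
    inside the trailing `window_sec` seconds, or None if never exceeded."""
    recent = deque()
    for t in sorted(timestamps):
        recent.append(t)
        while recent[0] <= t - window_sec:
            recent.popleft()
        if len(recent) > limit:
            return t
    return None


def compare_windows(timestamps, rate_per_min=RATE_PER_MIN):
    """Map each window to (limit, first_block_time) at equal average rate."""
    out = {}
    for w in WINDOWS:
        limit = rate_per_min * w // 60
        out[w] = (limit, first_block_time(timestamps, w, limit))
    return out


# Constructed traffic from one client (not real logs):
# 10 minutes of background at 1 request every 2 s, then a 30 s burst at 5 req/s.
background = [float(t) for t in range(0, 600, 2)]
burst = [600 + i * 0.2 for i in range(150)]
spike = background + burst

# Constructed sustained overuse: 2 req/s (120 per minute) for 15 minutes.
sustained = [i * 0.5 for i in range(1800)]

if __name__ == "__main__":
    for name, ts in (("spike", spike), ("sustained", sustained)):
        for w, (limit, hit) in compare_windows(ts).items():
            print(f"{name:9s} window={w:3d}s limit={limit:4d} first_block={hit}")
```

With these inputs only the 1-minute window trips on the short spike, while the sustained overuse trips every window, with the longer windows reacting later.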
