Let’s take a look at some of the exciting updates and new features introduced by Amazon Web Services (AWS)
Amazon EC2 Instance Connect Endpoint
One notable launch is the Amazon EC2 Instance Connect Endpoint. This endpoint enables secure access to Amazon EC2 instances using their private IP addresses, eliminating the need for bastion hosts. With EC2 Instance Connect, you can control SSH access to your instances using AWS Identity and Access Management (IAM) policies and principals, eliminating the hassle of sharing and managing SSH keys. Additionally, the AWS Command Line Interface (CLI) has been updated to simplify connecting to instances or opening secure tunnels using instance IDs. While some similarities exist with AWS Systems Manager Session Manager, the advantage of EC2 Instance Connect Endpoint lies in its compatibility with existing SSH-based tools and libraries.
Amazon Inspector Enhancements
Amazon Inspector has introduced code scanning for AWS Lambda functions, expanding its capability to scan Lambda functions and associated layers for software vulnerabilities. Additionally, Amazon Detective now supports finding groups for Amazon Inspector, collecting findings from various AWS security services to enhance situational awareness of security events.
Amazon Verified Permissions
Amazon Verified Permissions, now generally available, offers a centralized and fine-grained permissions management and authorization service for business applications. This service simplifies the enforcement of user-based permissions by centralizing permissions in a policy store, allowing developers to authorize user actions within their applications consistently and at scale. Just as an identity provider simplifies authentication, a policy store streamlines authorization.
Amazon S3 Dual-Layer Server-Side Encryption
To cater to heavily regulated industries, Amazon S3 introduces Dual-Layer Server-Side Encryption (DSSE-KMS) with keys stored in AWS Key Management Service. DSSE-KMS provides two layers of data encryption using different keys and different implementations of the AES-GCM algorithm. This new encryption option ensures enhanced security for data at rest.
AWS CloudTrail Lake Dashboards
AWS CloudTrail Lake Dashboards offer pre-built visibility and top insights from audit and security data directly within the CloudTrail Lake console. These curated dashboards provide instant access to valuable information, eliminating the need for extensive dashboard setup or SQL expertise.
AWS IAM Identity Center
AWS IAM Identity Center now supports automated user provisioning from Google Workspace. By connecting Google Workspace to IAM Identity Center, you can centrally manage access to AWS accounts and applications, streamlining user provisioning and access management.
AWS CloudShell Expansion
AWS CloudShell, a browser-based shell for managing AWS resources, is now available in 12 additional regions. This expansion enables more users to securely manage, explore, and interact with their AWS resources using CloudShell’s convenient browser interface.
These updates and new features from AWS demonstrate their commitment to enhancing security, simplifying management, and providing valuable tools for developers and users alike.
[…] select is one of the most crucial decisions you will need to make when it comes to hosting apps on Amazon Web Services (AWS). You may use EC2 instances, which are virtual computers, to execute your apps on AWS. They are […]
[…] a leader in conversational artificial intelligence (AI) worldwide, announced that it has selected Amazon Web Services (AWS), a subsidiary of Amazon.com, as its preferred cloud provider to support its generative AI-powered […]