Amazon CloudFront now lets you select a security policy with minimum TLS v1.1, v1.2, and security ciphers for viewer connections!

Starting today, you can further improve security for your web applications on Amazon CloudFront by selecting a pre-defined security policy that enforces TLS version 1.1 or 1.2 as the minimum protocol version. Amazon CloudFront will automatically select the cipher suite for your selected security policy which it will use to encrypt your content before returning it to viewers over HTTPS. For instance, with this feature, you can select the security policy that enforces TLS version 1.1 and weak ciphers such as RC4 and 3DES will automatically be excluded. This feature is available when you use custom SSL certificates to serve HTTPS requests using SNI. 
Quelle: aws.amazon.com

AWS CloudTrail Adds S3 Data Events in AWS GovCloud (US) Region

AWS CloudTrail S3 Data Events allow you to record API actions on Amazon S3 objects and receive detailed information such as the AWS account, IAM user role, and IP address of the caller, time of the API call, and other details. You can programmatically access and act upon the Data Events after they are delivered to an Amazon S3 bucket or to Amazon CloudWatch Events. For example, you can quickly reapply the original Access Control List (ACL) on an object if the ACL of an object is modified. 
Quelle: aws.amazon.com

Amazon Chime Now Allows You to Log Console Actions Using AWS CloudTrail

Starting today you can log, continuously monitor, and record account activity related to actions taken in the Amazon Chime console, using AWS CloudTrail. AWS CloudTrail is an AWS service that helps you enable governance, compliance, and operational and risk auditing of your AWS account. Using the information collected by CloudTrail, you can track Amazon Chime console actions related to your team or enterprise account, as well as user account administration and license management. CloudTrail allows you to record the action taken, as well as the source IP address, who took the action, and when it was taken.
Quelle: aws.amazon.com

AWS CloudFormation Now Provides Stack Termination Protection

AWS CloudFormation now allows you to protect a stack from being accidently deleted. You can enable termination protection on a stack when you create it. If you attempt to delete a stack with termination protection enabled, the deletion fails and the stack, including its status, will remain unchanged. To delete a stack you need to first disable termination protection. 
Quelle: aws.amazon.com

Now You Can Encrypt LDAP Communication with AWS Directory Service for Microsoft Active Directory

Starting today, you can encrypt Lightweight Directory Access Protocol (LDAP) communication between your applications and AWS Directory Service for Microsoft Active Directory, also known as AWS Microsoft AD. Many Windows and Linux applications use LDAP to read and update information about users and devices, including personally identifiable information (PII). Now you can enable LDAP over Secure Sockets Layer (SSL)/Transport Layer Security (TLS), also called LDAPS, to encrypt your LDAP communications end to end. This helps you protect PII and other sensitive information exchanged with AWS Microsoft AD over untrusted networks.
Quelle: aws.amazon.com

Amazon QuickSight now allows users to create analyses from dashboards and import custom date formats

Amazon QuickSight users can now create analyses from dashboards within their account. This allows users to quickly create customized views of dashboard content by modifying existing visuals or adding new visuals. New users may utilize this capability to get started quickly by creating QuickSight analyses from dashboards shared with them. For data administrators, this capability reduces requests for customizations of dashboards and enables faster onboarding of users to QuickSight. 
Quelle: aws.amazon.com

Amazon Cognito Integrates with Amazon Pinpoint to Add Analytics for User Pools and Enrich Pinpoint Campaigns

Today, we added an integration between Amazon Cognito User Pools and Amazon Pinpoint to provide analytics for Cognito User Pools and to enrich the user data for Pinpoint campaigns. Amazon Cognito User Pools provide user directories that makes it easy to add sign-up and sign-in to your mobile or web application. Amazon Pinpoint provides analytics and targeted campaigns to drive user engagement in mobile apps using push notifications. Using Amazon Pinpoint Analytics, you can track User Pool sign-ups, sign-ins, failed authentications, daily active users (DAUs) and monthly active users (MAUs). This feature will thus enable user based analytics within Amazon Pinpoint. You can drill into the data for different date ranges or attributes like device platform, device locale, app version etc. You can also set up user attributes specific to your app using the Pinpoint SDK. These can then be used to segment your users on Pinpoint and send them targeted push notifications, emails, and SMS text messages. 
Quelle: aws.amazon.com