ThreatAlert® ATO Acceleration is an AWS Solutions Consulting Offer delivered via a consulting engagement from stackArmor, an AWS Security Competency Partner. ThreatAlert® ATO Acceleration provides FedRAMP, FISMA, ITAR, HIPAA, DFARS & CMMC compliance acceleration on AWS & AWS GovCloud. Customers that request this consulting offer will participate in an engagement that includes rapid solution enablement using a Discover, Design, and Deployment sprints methodology; end-to-end integration of security services including log configuration, agent deployment, and setup of alerts and dashboards for critical and auditable events; documentation; and control statements as well as ongoing solution support.
AWS SDK for .NET v3.5 is now generally available
Today, we are happy to announce the general availability of AWS SDK for .NET v3.5. This release transitions support for all non-Framework versions of the SDK to .NET Standard 2.0+. Unity, Xamarin, and UWP users can now utilize the .NET Standard 2.0 distribution to gain access to the same services and AWS vended libraries as .NET Core users. Read our blog post for details.
Amazon EKS now supports EC2 Instance Metadata Service v2
Amazon EKS now supports containerized applications that require access to EC2 instance metadata using the IMDSv2 format.
AWS Systems Manager Distributor adds third-party agent, Dynatrace ONE
Distributor, a capability of AWS Systems Manager, allows you to select from available popular third-party agents to install and manage on your instances. With this launch, you can select to install the pre-built Dynatrace ONE Agent directly from Distributor without having to create or maintain any software packages. AWS will continue to seek opportunities to offer many other popular security and monitoring agents.
Provisioned Concurrency for AWS Lambda is now available in AWS GovCloud (US) Regions
Provisioned Concurrency for AWS Lambda is now available in both AWS GovCloud (US) Regions. Provisioned Concurrency is a feature that provides customers greater control over performance of their serverless applications at any scale. Functions using Provisioned Concurrency execute with consistent start-up latency making them ideal for building interactive mobile or web backends, latency sensitive microservices, and synchronously invoked APIs. Read more about Provisioned Concurrency in the AWS Lambda documentation .
AWS Database Migration Service now supports MongoDB 4.0 as a source
AWS Database Migration Service (AWS DMS) has expanded functionality by adding support for MongoDB 4.0 as a source in AWS DMS v 3.4.1 . Using DMS, you can now perform live migrations from MongoDB 4.0 clusters to any AWS DMS supported target including Amazon DocumentDB (with MongoDB compatibility) with minimal downtime. For full list of supported AWS DMS targets, see targets for data migration .
AWS Transfer Family adds support for email addresses as usernames
AWS Transfer Family now supports using email addresses as usernames for your file transfer clients by adding support for at symbol (@) and period (dot) in usernames. In addition, the service now supports username length of up to 100 characters from the previously supported limit of 32 characters.
AWS Transit Gateway customers can now use their own Prefix Lists to simplify IP management
Earlier this year, we launched VPC Prefix List, a feature that allows you to group multiple CIDR blocks into a single object, and use it as a reference to simplify network configuration. Today, we are adding Prefix Lists support to AWS Transit Gateway, making it easier for you to manage Transit Gateway route tables.
AWS Firewall Manager now supports security groups on Application Load Balancers and Classic Load Balancers
AWS Firewall Manager now supports security groups on Application Load Balancers and Classic Load Balancers, allowing you to centrally configure and audit security groups associated with these resource types, across multiple accounts in your organization. Firewall Manager today supports security groups associated with EC2 instances and Elastic Network Interfaces (ENIs). With this launch, you can now utilize Firewall Manager’s capabilities to also centrally manage security groups associated with Application Load Balancers and Classic Load Balancers. You can audit security groups associated with these resource types to ensure they are only accessing IP CIDRs or ports mandated by your organization. You can use pre-packaged audit rules provided by Firewall Manager, or customize your own audit rules to check for non-compliance. For example, you can audit existing security group rules on Application Load Balancers to ensure they are only accessing the CloudFront IPs you have listed. Similarly, you can also define a Firewall Manager policy to specify security groups with a baseline set of inbound and outbound rules that you want associated with your load balancers. Only requests that comply with the inbound rules can reach your load balancers, and the load balancers will only distribute requests that meet the outbound rules. Furthermore, with Firewall Manager, you can auto-remediate any non-compliant rules and get a detailed list of violations on your Firewall Manager console.
Amazon ElastiCache for Redis brings encryption in transit, encryption at rest and additional security features to the AWS Asia Pacific (Osaka) region
Amazon ElastiCache for Redis now supports encryption in-transit, encryption at-rest, and Redis authentication tokens to protect your data with additional security controls in the AWS Asia Pacific (Osaka) region.