Amazon EC2 now supports AMI Block Public Access, an account-wide setting that ensures the security of your Amazon Machine Images (AMIs). Before this, I used an SCP and denied the "ec2:ModifyImageAttribute" permission to block public access. However, this wasn't the perfect solution as it also hindered genuine modifications to AMIs. With the new BPA feature, we can now safeguard our AMIs from inadvertent access more effectively. This feature is a significant step forward in ensuring the security and privacy of our AMIs. Available in all AWS Regions! #AWS #AMI #EC2 #CloudSecurity https://lnkd.in/g7ND2nWj
Chandrapal Badshah’s Post
More Relevant Posts
-
Starting today, Amazon EC2 protects your Amazon Machine Images (AMIs) from accidental deregistration by allowing you to mark them as protected, preventing unintentional deregistrations and safeguarding your AWS environments on Amazon Web Services (AWS) https://lnkd.in/d6SPTdmm #aws #awscloud
Amazon EC2 now protects your AMIs from accidental deregistration
aws.amazon.com
-
❄ ☃ I hope you had a great winter break! What better way to start the new year than with some good news? 👉 We just launched EC2 security groups for pods in #IPv6 clusters! Together with support for Amazon VPC CNI network policies, customers have an option for controlling network traffic within the cluster, while using security groups to control access to Amazon Web Services resources outside the cluster. #AWS #AmazonWebServices #containers #kubernetes #eks #security
Amazon EKS now supports assigning EC2 security groups to IPv6 Kubernetes pods
aws.amazon.com
-
Day 4: Grasping the Nuances of EC2 🧩☁️

Today's lessons drilled deeper into the intricacies of AWS EC2 (Elastic Compute Cloud) for virtual computing prowess. Key concepts mastered:

✨ EC2 Instance Families
  - General Purpose (M), Compute Optimized (C), Memory Optimized (R), and more
  - Learned optimal use cases to pick the right instance type
✨ Instance Storage Choices
  - Instance Store Volumes: Temporary block storage, low latency
  - EBS (Elastic Block Store): Persistent storage, high availability
✨ Buttoning Up Security
  - Configured Security Groups as virtual firewalls to control traffic
  - Created Key Pairs for secure SSH access into instances

Lots of hands-on labs really drove these points home. I can now provision EC2 instances, choose ideal storage, and lock it down tight! Still grasping the subtleties of networking with VPCs, Subnets, etc. But that's next on the study list. Shoutout to Abhishek Veeramalla's awesome #AWSZeroToHero guide! The EC2 Force is strong, but the path has many layers. #AWSStudentLyfe #EC2Mastery #BuildInPublic
-
Are you tired of managing SSH keys and dealing with open ports? Enhance your AWS security posture with AWS SSM Session Manager! This article discusses how to connect to EC2 instances without exposing them to the internet. Key benefits:
- No more open ports 🔒
- Secure access to private subnets 🔒
- Simplified key management 🔑
- Granular IAM control 🔒
AWS CookBook 1.6 Connecting to EC2 Instances using AWS SSM Session Manager
suryendub.github.io
-
🚀 AWS Weekly Roundup! Big news:
🔸 Amazon S3 eliminates charges for certain HTTP errors—save more!
🔸 New Amazon EC2 C7i-flex instances: 19% improved price performance.
🔸 Application Load Balancer now supports IPv6-only—cut IPv4 costs!
🔸 Amazon VPC Lattice upgrades to support TLS Passthrough for stronger security.
🔸 Zero-ETL integration between Amazon DocumentDB and OpenSearch Service.
🔸 Amazon EventBridge now enables encryption with customer managed keys.
Stay ahead with these innovative updates. Follow for more. #AWS #CloudComputing #Innovation Read more 👉 https://lnkd.in/eAm_gfeD
-
🔐🌍 Enhance your EC2 instance security with precise IP access control! Learn how to:
🚦 Manage inbound & outbound traffic
🛡️ Use Security Groups and Network ACLs effectively
Secure your AWS environment today. Details 👉 https://lnkd.in/gDSNBmxn #SecurityGroup #AWS #ACL #Inbound #Outbound
How to allow or block specific IPs on EC2 instance?
https://elite.cloud
-
Yes, AWS CloudTrail and CloudWatch are normal ingress feeds into Fluency, BUT did you know we also capture the AWS Security Data Lake? Yup, and below are a few examples of issues that can quickly be alerted on to help you keep your AWS environment safer.

AWS Security Data Lake: Failed Compliance Items with a Critical Severity

These are actual failures from testing we've done.
* This control checks whether unrestricted incoming traffic for an Amazon EC2 security group is accessible to the specified ports "Security groups should not allow unrestricted access to ports with high risk"
* This control checks whether an Amazon S3 general purpose bucket permits public read access. It evaluates the block public access "S3 general purpose buckets should block public read access"
* This AWS control checks whether your AWS account is enabled to use a hardware multi-factor authentication (MFA) device to sign "Hardware MFA should be enabled for the root user"

Fluency allows you the ability to fully monitor your AWS infrastructure environment with supporting alerts and notifications. #fluencysecurity #observability #awssecuritydatalake #aws #siem
-
At #AWSreInvent 2023 - #Commvault and #AWS reinforce #cyberresilience strategies by announcing support for Amazon S3 Express One Zone storage class and availability of #CommvaultCloud SaaS Foundational Protection for Amazon EC2. Explore how these innovations bolster data protection, agility, and security: http://ow.ly/mc6b1054b9S
Commvault Bolsters Cyber Resilience with AWS Announcing support for the Amazon S3 Express One Zone Storage Class and Simplified SaaS Backup
-
The AWS EC2 Dashboard has rolled out a range of features and capabilities that are designed to enhance your control over data protection, security, zone management, and more. Here's a quick rundown of what you can now manage under the EC2 Settings. Please see the below blog post for details. #Amazon #AWS #EC2 #AmazonAWS #EC2Instances #Security #DataProtection #CloudSecurity
Exploring New Features in the EC2 Dashboard Settings
link.medium.com
-
Cloud Solutions Architect | AWS 5x, Azure 10x, GCP 2x| I help organizations adopt and excel in cloud
Amazon EC2 now supports AMI Block Public Access (BPA), an account-wide setting that allows customers to block public sharing of Amazon Machine Images (AMIs) in a region. Customers managing AMIs at-scale now have a simple and proactive way of safeguarding their AMIs from inadvertent access by unauthorized users. Prior to AMI BPA, customers had to manually check AMI settings or run custom scripts to detect if their AMIs had been inadvertently made public. Now by enabling the AMI BPA setting within their AWS account, customers can ensure that no new AMI is made public within their AWS account. This blocks unauthorized access to AMIs due to unintended public sharing and prevents their potential misuse. Customers with existing public AMIs can also enable AMI BPA within their AWS accounts to restrict private AMIs in their account from being publicly shared, without impacting existing public AMIs. AMI BPA is currently disabled by default for all AWS Accounts, and customers can enable AMI BPA through AWS CLI, SDKs or Console.
Amazon EC2 now supports Block Public Access for Amazon Machine Images
aws.amazon.com