Questions in Security, Identity, & Compliance
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Best practice for storing EC2 SSH keys, SQL Server encryption keys (SMK, DMK), other encryption keyslg...
Hi all,
I'm looking for best practices on where to store the SSH key that is created when a Linux EC2 instance is created. In our environment, we join our instances to a domain and protect them with a...
2
answers
0
votes
272
views
asked 4 days agolg...
I have set up a WAF to protect my API with targeted bot control. I use the fetch wrapper `AwsWafIntegration.fetch()` to call the api, however when I call the API from localhost the WAF responds with a...
0
answers
0
votes
252
views
asked 4 days agolg...
Hi
- We had associated the ACFP managed rule group to an existing Web ACL.
Got the integration URL as shown in screenshot below.
Issue:
- As shown in the screenshot below, there is only option to...
0
answers
0
votes
103
views
asked 4 days agolg...
With this scenario:
* Using Keycloak as an Identity Provider for both the Quicksight console and the AWS management console as Service Providers.
* You have individual identity IDs in Keycloak who...
0
answers
0
votes
246
views
asked 4 days agolg...
Hi,
I would like to use newly released AWS Resource Tagging Standard v1.0.0 of Security Hub to inspect whether the required tags are applied across the AWS account uniformly.
On my understanding,...
1
answers
0
votes
45
views
asked 4 days agolg...
Hi,
i followed this documentation to get notification whenever any changes in IAM policies has been...
2
answers
0
votes
32
views
asked 4 days agolg...
AWS Firewall Issueslg...
Hey all, I'm looking to pick your brains about an issue I'm facing, I have no doubts I've done something wrong. I am looking to limit internet access using an AWS Firewall.
My VPC currently has...
3
answers
0
votes
811
views
asked 5 days agolg...
I need to perform signing/verification and/or encryption/decryption using a key present in hsm. To elaborate, I wan to fetch the key from aws cloudhsm and the use that key to perform crypto...
1
answers
0
votes
99
views
asked 5 days agolg...
Hi Everyone,
I am working for a bank and few days ago i am getting alerts in guard duty that there are malicious caller calling /version from US and Amsterdam.
Message is "A Kubernetes API commonly...
3
answers
0
votes
260
views
asked 5 days agolg...
Is there any way to enable guard duty's S3 protection for only some buckets?
As an example I have a bucket that stores company logos and profile pictures. I don't want all these access events...
2
answers
0
votes
288
views
asked 5 days agolg...
I am wanting to know if it is possible to create one IAM policy that can be attached to multiple Roles and Role Aliases and/or Can I have one role alias for all my IoT Devices and set dynamic IAM...
2
answers
0
votes
115
views
asked 5 days agolg...
We use mutual authentication to connect to our client VPN endpoint. How would we handle updating the client certificate arn for a client VPN endpoint? Can that Client Certificate arn only be set...
1
answers
0
votes
52
views
asked 5 days agolg...