Questions in Security, Identity, & Compliance
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Best practice for storing EC2 SSH keys, SQL Server encryption keys (SMK, DMK), other encryption keyslg...
Hi all,
I'm looking for best practices on where to store the SSH key that is created when a Linux EC2 instance is created. In our environment, we join our instances to a domain and protect them with a...
2
answers
0
votes
338
views
asked 11 days agolg...
I have set up a WAF to protect my API with targeted bot control. I use the fetch wrapper `AwsWafIntegration.fetch()` to call the api, however when I call the API from localhost the WAF responds with a...
0
answers
0
votes
372
views
asked 11 days agolg...
Hi
- We had associated the ACFP managed rule group to an existing Web ACL.
Got the integration URL as shown in screenshot below.
Issue:
- As shown in the screenshot below, there is only option to...
0
answers
0
votes
179
views
asked 11 days agolg...
With this scenario:
* Using Keycloak as an Identity Provider for both the Quicksight console and the AWS management console as Service Providers.
* You have individual identity IDs in Keycloak who...
0
answers
0
votes
337
views
asked 11 days agolg...
Hi,
I would like to use newly released AWS Resource Tagging Standard v1.0.0 of Security Hub to inspect whether the required tags are applied across the AWS account uniformly.
On my understanding,...
1
answers
0
votes
59
views
asked 11 days agolg...
Hi,
i followed this documentation to get notification whenever any changes in IAM policies has been...
2
answers
0
votes
40
views
asked 11 days agolg...
AWS Firewall Issueslg...
Hey all, I'm looking to pick your brains about an issue I'm facing, I have no doubts I've done something wrong. I am looking to limit internet access using an AWS Firewall.
My VPC currently has...
3
answers
0
votes
1644
views
asked 11 days agolg...
I need to perform signing/verification and/or encryption/decryption using a key present in hsm. To elaborate, I wan to fetch the key from aws cloudhsm and the use that key to perform crypto...
1
answers
0
votes
114
views
asked 11 days agolg...
Hi Everyone,
I am working for a bank and few days ago i am getting alerts in guard duty that there are malicious caller calling /version from US and Amsterdam.
Message is "A Kubernetes API commonly...
3
answers
0
votes
460
views
asked 11 days agolg...
Is there any way to enable guard duty's S3 protection for only some buckets?
As an example I have a bucket that stores company logos and profile pictures. I don't want all these access events...
2
answers
0
votes
312
views
asked 11 days agolg...
I am wanting to know if it is possible to create one IAM policy that can be attached to multiple Roles and Role Aliases and/or Can I have one role alias for all my IoT Devices and set dynamic IAM...
2
answers
0
votes
146
views
asked 11 days agolg...
We use mutual authentication to connect to our client VPN endpoint. How would we handle updating the client certificate arn for a client VPN endpoint? Can that Client Certificate arn only be set...
1
answers
0
votes
76
views
asked 12 days agolg...