Questions tagged with Security
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
One of our client is trying to reach our application but they are not able to reach with 403 error.
We have enabled WAF for this application with a custom rule looking for X-Forwarded-For header...
2
answers
0
votes
397
views
asked 2 months agolg...
Implications of TLS 1.2 as Minimum Protocol for AWS API Endpoints: Does it impact on ELB and S3 etc.lg...
I recently came across a notification stating, "TLS 1.2 to become the minimum TLS protocol level for all AWS API endpoints." This change prompts the question: does it affect all services on AWS?...
2
answers
0
votes
500
views
asked 2 months agolg...
What should be my security group rule when Internet-facing ALB is introduced as a target to private NLB?
This documentation...
2
answers
0
votes
542
views
asked 2 months agolg...
Hello,
We want to let students create their own personal (private) CodeCommit Repos based on IdentityPool, we find it possible to create CodeCommit repos programmatically...
1
answers
0
votes
315
views
asked 2 months agolg...
Recently started building a SPA. I'm using the [official AWS stand-alone Amplify javascript library for Auth](https://github.com/aws-amplify/amplify-js?tab=readme-ov-file#features). After deploying my...
1
answers
0
votes
569
views
asked 2 months agolg...
Hello,
Which is the preferred way to connect from a VPC Lambda to an AWS Service ?
When I tried to create a VPC Endpoint for AWS Service Translate, I've noticed that all AWS Services are available...
2
answers
0
votes
437
views
asked 2 months agolg...
In Amazon Grafana its possible to add HTML panels but its impossible to use external links. I've even tried using links to S3 bucket in AWS.
I need to embed a widget or use some external js library...
2
answers
0
votes
435
views
asked 2 months agolg...
I was wondering how I can/should 'protect' my API endpoint (which triggers a Lambda function.) As the endpoint is publicly visible, it seems that someone could spam it with requests.
From what I've...
2
answers
0
votes
289
views
asked 2 months agolg...
I have a website that is behind ALB with WAF integration. Our vulnerability scan showed the following:
Website Does Not Implement HSTS Best Practices
**Recommendation:**
Implement HTTP Strict...
2
answers
0
votes
716
views
asked 2 months agolg...
I have done a security vulnerability scan against my hosted site behind ALB with WAF integration. The scan reported the following:
Content Security Policy (CSP)...
1
answers
0
votes
716
views
asked 2 months agolg...
AWS Abuse Emaillg...
We've received a report(s) that your AWS resource(s) has been implicated in activity which resembles attempts to access remote hosts on the internet without authorization. Activity of this nature is...
2
answers
0
votes
291
views
asked 3 months agolg...
I created and applied an opt-out policy for all AI services in my organizations.
Is there a way to check that the policy has been applied? like monitoring system.
1
answers
0
votes
419
views
asked 3 months agolg...