Questions in Security, Identity, & Compliance
Content language: English
Select up to 5 tags to filter
Sort by most recent
Browse through the questions and answers listed below or filter and sort to narrow down your results.
Best practice for storing EC2 SSH keys, SQL Server encryption keys (SMK, DMK), other encryption keyslg...
Hi all,
I'm looking for best practices on where to store the SSH key that is created when a Linux EC2 instance is created. In our environment, we join our instances to a domain and protect them with a...
1
answers
0
votes
61
views
asked 6 hours agolg...
I have set up a WAF to protect my API with targeted bot control. I use the fetch wrapper `AwsWafIntegration.fetch()` to call the api, however when I call the API from localhost the WAF responds with a...
0
answers
0
votes
60
views
asked 12 hours agolg...
Hi
- We had associated the ACFP managed rule group to an existing Web ACL.
Got the integration URL as shown in screenshot below.
Issue:
- As shown in the screenshot below, there is only option to...
0
answers
0
votes
46
views
asked 12 hours agolg...
With this scenario:
* Using Keycloak as an Identity Provider for both the Quicksight console and the AWS management console as Service Providers.
* You have individual identity IDs in Keycloak who...
0
answers
0
votes
39
views
asked 12 hours agolg...
Hi,
I would like to use newly released AWS Resource Tagging Standard v1.0.0 of Security Hub to inspect whether the required tags are applied across the AWS account uniformly.
On my understanding,...
1
answers
0
votes
31
views
asked 13 hours agolg...
Hi,
i followed this documentation to get notification whenever any changes in IAM policies has been...
1
answers
0
votes
15
views
asked 14 hours agolg...
AWS Firewall Issueslg...
Hey all, I'm looking to pick your brains about an issue I'm facing, I have no doubts I've done something wrong. I am looking to limit internet access using an AWS Firewall.
My VPC currently has...
3
answers
0
votes
81
views
asked 15 hours agolg...
I need to perform signing/verification and/or encryption/decryption using a key present in hsm. To elaborate, I wan to fetch the key from aws cloudhsm and the use that key to perform crypto...
1
answers
0
votes
57
views
asked 20 hours agolg...
Hi Everyone,
I am working for a bank and few days ago i am getting alerts in guard duty that there are malicious caller calling /version from US and Amsterdam.
Message is "A Kubernetes API commonly...
3
answers
0
votes
86
views
asked 20 hours agolg...
Is there any way to enable guard duty's S3 protection for only some buckets?
As an example I have a bucket that stores company logos and profile pictures. I don't want all these access events...
2
answers
0
votes
128
views
asked a day agolg...
I am wanting to know if it is possible to create one IAM policy that can be attached to multiple Roles and Role Aliases and/or Can I have one role alias for all my IoT Devices and set dynamic IAM...
2
answers
0
votes
86
views
asked a day agolg...
We use mutual authentication to connect to our client VPN endpoint. How would we handle updating the client certificate arn for a client VPN endpoint? Can that Client Certificate arn only be set...
1
answers
0
votes
39
views
asked a day agolg...