June 14, 2024 at 03:00AM
AWS made several security announcements at its re:Inforce conference, including new features for identity and malware protection services. These include support for passkeys as part of multi-factor authentication, IAM Access Analyzer enhancements, Amazon GuardDuty Malware Protection for S3, and a preview of natural language query generation in AWS CloudTrail Lake. Additionally, AWS announced plans to introduce a new region in Taiwan in 2025.
The key takeaways from the meeting notes are:
1. AWS announced various security-related updates at the re:Inforce conference focused on identity and malware protection services.
2. Passkeys have been added as a supported multi-factor authentication (MFA) mechanism for root and IAM users, with enforcement of MFA on root users, specifically the AWS Organization management account users.
3. The company highlighted the ability to use built-in authenticators in phones and laptops to unlock a cryptographically secured credential for AWS sign-in, with passkeys storage in cloud services for easy access across devices.
4. IAM Access Analyzer now has custom policy checks to detect access to critical AWS resources and public access as well as guided revocation for unnecessary access.
5. Amazon GuardDuty Malware Protection is now generally available for Amazon S3, enabling the detection of malicious files in S3 buckets.
6. AWS CloudTrail Lake introduced a new feature for natural language query generation using gen-AI to analyze CloudTrail logs for compliance, security, and operational requirements.
7. AWS also informed customers about the upcoming region in Taiwan in early 2025 for running workloads and storing data within the country.