AWS This Week

AWS This Week: Amazon Fraud Detector launches Account Takeover Insights (ATIs)

Episode description

Jess Alvarez is back with your AWS news! This week, Amazon Fraud Detector launches Account Takeover Insights (ATIs), AWS Network Firewall now supports VPC prefix lists, you can now programmatically manage primary contact information on your AWS accounts, and AWS Single Sign-On (AWS SSO) has changed its name to AWS IAM Identity Center.

Introduction to AWS updates (0:00)
Amazon Fraud Detector launches Account Takeover Insights (ATIs) (0:39)
AWS Network Firewall now supports VPC prefix lists (1:24)
Programmatically manage primary contact information on AWS accounts (2:35)
Single Sign-On is now IAM Identity Center (3:14)

Sign up for a free A Cloud Guru plan to get access to free courses, quizzes, learning paths, and web series

Subscribe to A Cloud Guru for AWS latest updates and service announcements, every week

Like us on Facebook and Twitter!

Join the conversation on Discord!

Series description

Join our ACG hosts as they recap the most important developments in the AWS world from the past week. Keeping up with ever-changing world of cloud can be difficult, so let us do the hard work sifting through announcements to bring you the best of what's new with AWS This Week.

Hello Cloud Gurus. Welcome back to another AWS This Week, where we find out what goodies AWS have in store for us from the past seven days. I am your friendly neighborhood,Jess Alvarez. And this week, Fraud Detector launches a new feature, Network Firewall now supports VPC prefix lists, you can now manage primary contact information on AWS accounts programmatically, and finally, SSO has a brand new name. Stay tuned to hear the full story in this episode of AWS This Week. Fraud detector, Amazon's service that automates the detection of potentially fraudulent activities online, launched Account Takeover Insights, or ATI. ATI

is a machine learning model type that uses login events to identify fraudulent activity by detecting if accounts were compromised through malicious takeovers, social engineering, phishing, or stolen credentials. This new model is designed to detect up to four times more ATI fraud than traditional rules-based solutions. Fraud Detector is designed to autoscale to handle up to 200 fraud predictions per second. And this limit can be increased. This new feature is available in all regions where Fraud Detector is available. Network Firewall makes it possible to deploy network protections for all of your VPC, both inbound and outbound protection, as you would expect from a firewall.

Network Firewall uses rules that are flexible and can allow fine grain control over your network traffic. Well, that functionality now includes VPC prefix lists. This will allow you to group one or more CIDR blocks into a single object of frequently used IP addresses in a prefix list, then reference that list and network firewall rule groups. You used to have to update individual firewall rules when scaling your network to add new IP addresses. And now you can update the relevant prefix list and all rule groups that reference that prefix list will automatically update.

Use prefix list to simplify management of your firewall rule groups and policies across multiple VPCs and accounts in the same region. This new functionality is available in all commercial regions where Network Firewall is available. So have you found that updating primary contact information on your AWS account is more difficult than it should be? Well rest easy as AWS has now made it easier for you to view and update that information using the AWS CLI and SDK. So the SDK already allows you to manage billing operations and security contacts for your AWS account. But now you can use the same SDK to update your primary contact information, to save you time and effort. This new functionality also includes organizations.

So you can now centrally manage primary contact information for all member accounts, using the management console as well. This new functionality does not add any costs or require any additional work on your part. So that's cool. Single sign-on users gather round, and I'll tell you a tale. What we know as AWS Single Sign-On is now bump bump bum ... IAM Identity Center.

This new name reflects the service capabilities foundation in AWS identity and access management, or IAM, and role as the central place to manage access across AWS. If you're currently using SSO, there's no change to how you manage access to multiple AWS accounts or applications. So take a deep breath. I know, I was a little worried too. For anyone new to the IAM Identity Center, formerly known as SSO, it is the gatekeeper into AWS for your workforce. Anyone who is using IAM can configure IAM Identity Center to run parallel to it, and then gradually shift from IAM to the IAM Identity Center. IAM Identity Center supports various security standards and compliance certifications, to which I have included a link for you to review, should you need to. It is available in 21 regions globally.

I hope you enjoyed this episode of AWS This Week. I'll include links in the resources to cover all the fancy new things we covered today. And don't forget to join our awesome Discord community, where you can hang out with all your favorite AWS training architects and like-minded people. Thank you so much for joining me today. Remember, deep breaths, baby steps, and keep being awesome cloud gurus.

More videos in this series

Master the Cloud with ACG

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?