AWS IAM Release Notes

AWS IAM Release Notes Document history for the AWS IAM User Guide.

  • AccessAnalyzerServiceRolePolicy – Added permissions
    on January 23, 2024 at 7:00 pm

    IAM Access Analyzer added support for permission to retrieve the current state of the block public access for Amazon EC2 snapshots to the service-level permissions of AccessAnalyzerServiceRolePolicy.

  • AccessAnalyzerServiceRolePolicy – Added permissions
    on January 11, 2024 at 7:00 pm

    IAM Access Analyzer added DynamoDB streams and tables to the service-level permissions of AccessAnalyzerServiceRolePolicy.

  • AccessAnalyzerServiceRolePolicy – Added permissions
    on December 1, 2023 at 7:00 pm

    IAM Access Analyzer added Amazon S3 directory buckets to the service-level permissions of AccessAnalyzerServiceRolePolicy.

  • AccessAnalyzerServiceRolePolicy – Added permissions
    on November 26, 2023 at 7:00 pm

    IAM Access Analyzer added IAM actions to the service-level permissions of AccessAnalyzerServiceRolePolicy to support the following actions:

  • IAM Access Analyzer added custom policy checks
    on November 26, 2023 at 7:00 pm

    IAM Access Analyzer now provides custom policy checks to validate that IAM policies adhere to your security standards ahead of deployments.

  • IAM Access Analyzer added unused access analyzers
    on November 26, 2023 at 7:00 pm

    IAM Access Analyzer simplifies inspecting unused access to guide you toward least privilege. IAM Access Analyzer continuously analyzes your accounts to identify unused access and creates a centralized dashboard with findings.

  • IAMAccessAnalyzerReadOnlyAccess – Added permissions
    on November 26, 2023 at 7:00 pm

    IAM Access Analyzer added permissions to IAMAccessAnalyzerReadOnlyAccess to allow you to check whether updates to your policies grant additional access.

  • Action last accessed information and policy generation support for over 60 additional services and actions
    on November 1, 2023 at 7:00 pm

    IAM now supports action last accessed information and generates policies with action-level information for over 60 additional services, along with a list of the actions for which action last accessed information is available.

  • Action last accessed information support for over 140 services
    on September 14, 2023 at 7:00 pm

    IAM now provides action last accessed information for more than 140 services, along with a list of the actions for which action last accessed information is available.

  • Support for multiple multi-factor authentication (MFA) devices for root users and IAM users
    on November 16, 2022 at 7:00 pm

    Now you can to add up to eight MFA devices per user, including FIDO security keys, software time-based one-time password (TOTP) with virtual authenticator applications, or hardware TOTP tokens.

  • IAM Access Analyzer support for new resource types
    on October 25, 2022 at 7:00 pm

    IAM Access Analyzer added support for the following resource types:

  • U2F deprecation and WebAuthn/FIDO update
    on May 31, 2022 at 7:00 pm

    Removed mentions of U2F as an MFA option and added information about WebAuthn, FIDO2, and FIDO security keys.

  • Updates to resilience in IAM
    on May 16, 2022 at 7:00 pm

    Added information about maintaining access to IAM credentials when an event disrupts communication between AWS Regions.

  • New global condition keys for resources
    on April 27, 2022 at 7:00 pm

    You can now control access to resources based on the account, Organizational Unit (OU), or organization in AWS Organizations that contains your resources. You can use the aws:ResourceAccount, aws:ResourceOrgID, and aws:ResourceOrgPaths global condition keys in an IAM policy.

  • Code examples for IAM using AWS SDKs
    on April 7, 2022 at 7:00 pm

    Added code examples that show how to use IAM with an AWS software development kit (SDK). The examples are divided into code excerpts that show you how to call individual service functions and examples that show you how to accomplish a specific task by calling multiple functions within the same service.

  • Updates to policy evaluation logic flow chart
    on November 17, 2021 at 7:00 pm

    Updates to the policy evaluation logic flow chart and related text in the Determining whether a request is allowed or denied within an account section.

  • Updates to security best practices
    on October 5, 2021 at 7:00 pm

    Added information about creating administrative users instead of using root user credentials, removed the best practice of using user groups to assign permissions to IAM users, and clarified when to use managed policies instead of inline policies.

  • Updates to policy evaluation logic topic for resource-based policies
    on October 5, 2021 at 7:00 pm

    Added information about the impact of resource-based policies and different principal types in the same account.

  • Updates to single-valued and multivalued condition keys
    on September 30, 2021 at 7:00 pm

    The differences between single-valued and multivalued condition keys are now explained in more detail. The value type was added to each AWS global condition context key.

  • AWS managed policy updates – Update to an existing policy
    on September 2, 2021 at 7:00 pm

    IAM Access Analyzer updated an existing AWS managed policy.

  • IAM Access Analyzer supports Amazon S3 Multi-Region Access Points
    on September 2, 2021 at 7:00 pm

    IAM Access Analyzer identifies Amazon S3 buckets that allow public and cross-account access, including those that use Amazon S3 Multi-Region Access Points.

  • More services supported for action-level policy generation
    on August 24, 2021 at 7:00 pm

    IAM Access Analyzer can generate IAM policies with action-level access activity information for additional AWS services.

  • Generate IAM policies for cross-account trails
    on August 18, 2021 at 7:00 pm

    You can now use IAM Access Analyzer to generate fine-grained policies based on your access activity using a AWS CloudTrail trail in a different account, for example, a centralized AWS Organizations trail.

  • Additional IAM Access Analyzer policy checks
    on June 29, 2021 at 7:00 pm

    IAM Access Analyzer extended policy validation by adding new policy checks that validate conditions included in IAM policies. These checks analyze the condition block in your policy statement and report security warnings, errors, and suggestions along with actionable recommendations.

  • Action last accessed support for more services
    on April 19, 2021 at 7:00 pm

    You can now view action last accessed information in the IAM console about the last time an IAM principal used an action for the following services: Amazon EC2, IAM, Lambda, and Amazon S3 management actions. You can also use the AWS CLI or AWS API to retrieve a data report. You can use this information to identify unnecessary permissions so that you can refine your IAM policies to better adhere to the principle of least privilege.

  • Monitor and control actions taken with assumed roles
    on April 13, 2021 at 7:00 pm

    Administrators can configure IAM roles to require that identities pass a source identity, which is logged in AWS CloudTrail. Reviewing source identity information helps administrators determine who or what performed actions with assumed role sessions.

  • Generate IAM policies based on access activity
    on April 7, 2021 at 7:00 pm

    You can now use IAM Access Analyzer to generate fine-grained policies based on your access activity found in your AWS CloudTrail.

  • IAM Access Analyzer policy checks
    on March 16, 2021 at 7:00 pm

    IAM Access Analyzer now provides over 100 policy checks with actionable recommendations during policy authoring.

  • Expanded policy validation options
    on March 15, 2021 at 7:00 pm

    Expanded policy validation available in the IAM console, AWS API, and AWS CLI using policy checks in IAM Access Analyzer to help you author secure and functional JSON policies.

  • Tagging IAM resources
    on February 11, 2021 at 7:00 pm

    You can now tag additional IAM resources using a tag key-value pair.

  • Default password policy for IAM users
    on November 18, 2020 at 7:00 pm

    If you do not set a custom password policy for your AWS account, IAM user passwords must now meet the default AWS password policy.

Websitecyber related posts:

Cyber Scam Traffickers

They're educated and tech-savvy and have been trafficked into forced labor in Southeast Asia by cyber scam traffickers.

Microsoft AI Cybersecurity

Microsoft extending a frenzy of artificial intelligence AI software releases, is introducing new chat tools that can help cybersecurity teams.

Sectors

Sectors In addition to shrink reduction.

Actors And Artificial Intelligence

As Hollywood actors continue to strike, a major issue in negotiations is the role artificial intelligence could have in reshaping the entertainment industry.

Identity Theft Security IdentityIQ

Protect your data with identity theft protection and credit monitoring that includes 3-bureau credit reporting, dark web scans, fraud alerts, and more.

2023 Cyber Insurance Update

2023 update on global cyber insurance, including the market’s growth, regulatory changes, and response to changes in cyber threats and losses.

Internet Systems Consortium

Recent content from Internet Systems Consortium.

Kmart, Bunnings, Good Guys Facial Recognition

Kmart, Bunnings and the Good Guys have come under fire for the use of facial recognition technology on customers have now been referred for privacy breaches.

Hackers Target Political Money

Politicians are experiencing an increase in theft from their campaign funds by hackers, with cyber criminals targeting these massive campaign accounts.

Australian Signals Directorate on Twitter

Australian Signals Directorate on Twitter

Threat From China's Cyber Bombs

FBI Director Christopher Wray raised the alarm on the threat posed by Chinese hackers and the potential for cyber attacks on critical U.S. infrastructure.

Border and Port Security

RAND Research Topic Border and Port Security
Share Websitecyber