264: AWS Audit Manager: Because even AI needs a Babysitter!

Welcome to episode 264 of the Cloud Pod Podcast – where the forecast is always cloudy! Justin, Jonathan, Ryan (and eventually) Matthew are all on hand this week  – and *announcement noise* this week it’s the return of the Cloud Journey Series! There’s also a lot of news from Re:inforce, a ground-breaking partnership between Oracle and Google Cloud, and updates to GKE. The guys also look ahead to Finops ‘24. 

Titles we almost went with this week:

• First, AI came for Writers/Artists, then it came for Developers, and now it comes for Security… What’s Next? 
• Amazon Reinforces my Lack of Interest in Attending – JPB rl
• Object Storage Malware protection, everyone, please copy it!
• Amazon is the last man out in Oracle next-gen partnerships
• Dear Google, A partnership with Oracle is not Groundbreaking when Azure already did it
• AWS Announces some “We finally got around to it feature updates”
• Protect your S3 buckets from themselves with Amazon Guard Duty
• The CloudPod and AI play Guess Who? with IAM Access Analyzer.

A big thanks to this week’s sponsor:

We’re sponsorless! Want to reach a dedicated audience of cloud engineers? Send us an email, or hit us up on our Slack Channel and let’s chat! 

AWS 

01:04 Simplify risk and compliance assessments with the new common control library in AWS Audit Manager  

• AWS Audit Manager is introducing a common control library that provides common controls with predefined and pre-mapped AWS data sources. 
• This makes it easy for the GRC teams to use the common control library to save time when mapping enterprise controls into Audit Manager for evidence collection, reducing their dependence on IT teams. 
• You can view the compliance requirements for multiple frameworks such as PCI or HIPAA, associated with the same common control in one place, making it easier to understand your audit readiness across multiple frameworks simultaneously. 
• Interested in pricing? You can find that info here. 

01:37 Ryan – “It’s the dream! Automated evidence generation. And now with the context of known frameworks. Yeah; because that’s always the challenge, you know, are the last step of the translation – this is the control. Hey, we need all these controls to do this level of compliance.”

04:36 Centrally manage member account root email addresses across your AWS Organization

• 2017 Justin is really digging all these quality-of-life features coming out, and we like to think that AWS has just finally gotten to our pile of feature requests from back then.  
• This week, it’s now easier for AWS Organizations customers to centrally manage the root email address of member accounts across their organization using the CLI, SDK and Organizations Console.