Web: https://aws.amazon.com/security/security-bulletins/AWS-2022-002/

Jan. 13, 2022, 9:42 p.m. | aws@amazon.com

Latest Bulletins amazon.com

Initial Publication Date: 2022/01/13 13:00 PST

A security researcher recently reported an issue that allowed them to take actions as the AWS Glue service. Utilizing an AWS Glue feature, researchers obtained credentials specific to the service itself, and an AWS-internal misconfiguration permitted the researchers to use these credentials as the AWS Glue service. There is no way that this could have been used to affect customers who do not use the AWS Glue service.

No customer action is required.



Head of Information Security

@ Canny | Remote

Information Technology Specialist (INFOSEC)

@ U.S. Securities & Exchange Commission | Washington, D.C.

Information Security Manager - $90K-$180K - MANAG002176

@ Sound Transit | Seattle, WA

Sr. Software Security Architect

@ SAS | Remote

Senior Incident Responder

@ CipherTechs, Inc. | Remote

Data Security DevOps Engineer Senior/Intermediate

@ University of Michigan - ITS | Ann Arbor, MI