
Amazon Web Services (AWS) delivers a highly scalable cloud computing platform with high availability and dependability, and the flexibility to enable customers to build a wide range of applications. In order to provide end-to-end security and end-to-end privacy, AWS builds services in accordance with security best practices, provides appropriate security features in those services, and documents how to use those features. In addition, AWS customers must use those features and best practices to architect an appropriately secure application environment. Enabling customers to ensure the confidentiality, integrity, and availability of their data is of the utmost importance to AWS, as is maintaining trust and confidence.
At a high level, we’ve taken the following approach to secure the AWS infrastructure:
- Certifications and Accreditations. AWS is actively seeking the appropriate security certifications and accreditations in order to provide our customers with additional confidence in our infrastructure. In addition, we will continue to publish guidance on how AWS enables customers to build applications that are compliant with standards, such as HIPAA.
- Physical Security. Amazon has many years of experience in designing, constructing, and operating large-scale data centers. AWS infrastructure is housed in Amazon-controlled data centers throughout the world. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers, and the data centers themselves are secured with a variety of physical barriers to prevent unauthorized access.
- Secure Services. Each of the services within the AWS cloud is architected to be secure and contains a number of capabilities that restrict unauthorized access or usage without sacrificing the flexibility that customers demand. For more information about the security capabilities of each service in the AWS cloud, consult the Amazon Web Services: Overview of Security Processes whitepaper.
- Data Privacy. AWS enables users to encrypt their personal or business data within the AWS cloud and publishes backup and redundancy procedures for services so that customers can gain greater understanding of how their data flows throughout AWS. For more information on the data privacy and backup procedures for each service in the AWS cloud, consult the Amazon Web Services: Overview of Security Processes whitepaper.
The AWS Security Center provides links to technical information, tools, and prescriptive guidance designed to help you build and manage secure applications in the AWS cloud. Our goal is to use this forum to proactively notify developers about security bulletins. Such transparency is the backbone of trust between AWS and our customers.
No matter how carefully engineered the services are, from time to time it may be necessary to notify customers of security and privacy events with AWS services. We will publish security bulletins below. You can also subscribe to our Security Bulletin RSS Feed to keep abreast of security announcements.
| Date | Type | Subject |
|---|---|---|
| November 05, 2009 | | Linux 2.6 kernel vulnerability in certain EC2 AMIs |
| October 13, 2009 | | UDP traffic to EC2 instances |
| September 29, 2009 | | Linux kernel vulnerability in certain EC2 AMIs |
| September 17, 2009 | | MIT and UC San Diego researchers publish report |
If you are a security researcher and wish to communicate with us, please e-mail security@amazon.com. Customers can report suspected abuse via the contacts available here: http://aws.amazon.com/contact-us/report-abuse/
Delivering a secure cloud computing platform involves implementing numerous best practices for on-premise infrastructure as well as a host of additional considerations unique to a hosted infrastructure environment. The Amazon Web Services: Overview of Security Processes whitepaper provides background information and an overview of the AWS philosophy in offering a secure cloud computing platform.
Amazon Web Services Overview of Security Processes whitepaper (pdf)
Creating HIPAA-Compliant Medical Data Applications with AWS whitepaper (pdf)
AWS provides a number of ways for you to identify yourself and securely access your account. You can find the complete list of credentials that we support on the Security Credentials page under Your Account. We also provide two additional security options that enable you to further protect your account and control access: Multi-Factor Authentication and Key Rotation.
AWS Multi-Factor Authentication (AWS MFA) is an additional layer of security that offers enhanced control over your AWS account settings. When you enable this opt-in account feature, you’ll need to provide a six-digit single-use code in addition to your standard AWS account credentials before access is granted to your AWS account settings. You get this single-use code from an authentication device that you keep in your physical possession. This is called Multi-Factor Authentication because two factors are checked before access is granted to your account: you need to provide both your Amazon email-id and password (the first “factor”: something you know) AND the precise code from your authentication device (the second “factor”: something you have).
It is easy to obtain an authentication device from a participating third party provider and to set it up for use via the AWS website. More information about multi-factor authentication is available here.
For the same reasons that it is important to change your password frequently, AWS recommends that you rotate your access keys and certificates on a regular basis. To let you do this without potential impact to your applications’ availability, AWS supports multiple concurrent access keys and certificates. With this feature, you can rotate keys and certificates into and out of operation on a regular basis without any downtime to your application. This can help to mitigate risk from lost or compromised access keys or certificates.
To learn more about this feature or to begin using key rotation, click here.
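The overlap that makes the key rotation described above possible without downtime can be modelled in a few lines. This is an added example, not AWS code: the `Account` class, the key id format, the limit of two concurrent keys, HMAC-SHA256 request signing and the `quiet_for` threshold are all assumptions of the model.

```python
import hashlib
import hmac
import secrets

MAX_KEYS = 2  # assumption of this model: at most two keys exist per account


class Account:
    """Toy credential store: key id -> secret, status, last request number."""

    def __init__(self):
        self.keys = {}
        self.clock = 0  # counts verified requests, stands in for time

    def create_key(self):
        if len(self.keys) >= MAX_KEYS:
            raise RuntimeError("delete an old key before creating another")
        key_id = "KEY" + secrets.token_hex(4)  # constructed id format
        self.keys[key_id] = {"secret": secrets.token_bytes(32),
                             "active": True, "last_used": None}
        return key_id, self.keys[key_id]["secret"]

    def verify(self, key_id, message, signature):
        """Accept a request signed by any key that is currently active."""
        key = self.keys.get(key_id)
        if key is None or not key["active"]:
            return False
        expected = hmac.new(key["secret"], message, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, signature):
            return False
        self.clock += 1
        key["last_used"] = self.clock
        return True

    def retire(self, key_id, quiet_for):
        """Deactivate a key only if unused for the last `quiet_for` requests."""
        last = self.keys[key_id]["last_used"]
        if last is not None and self.clock - last < quiet_for:
            return False  # a client still signs with it; retiring would break it
        self.keys[key_id]["active"] = False
        return True

    def delete_key(self, key_id):
        if self.keys[key_id]["active"]:
            raise RuntimeError("deactivate and observe before deleting")
        del self.keys[key_id]


def sign(secret, message):
    return hmac.new(secret, message, hashlib.sha256).digest()
```

The order is create, redeploy clients, retire once the old key has gone quiet, then delete; retiring first is the step that causes an outage.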