AWS Compute Blog
Category: AWS Key Management Service
Strengthening data security in AWS Step Functions with a customer-managed AWS KMS key
This post is written by Dhiraj Mahapatro, AWS Principal Specialist SA, Serverless. AWS Step Functions provides enhanced security with a customer-managed AWS KMS key. This allows organizations to maintain complete control over the encryption keys used to protect their data in Step Functions, ensuring that only allowed principals (IAM role, user, or a group) have access […]
Securing Amazon ECS workloads on AWS Fargate with customer managed keys
As Amazon CTO Werner Vogels said, “Encryption is the tool we have to make sure that nobody else has access to your data. Amazon Web Services (AWS) built encryption into nearly all of its 165 cloud services. Make use of it. Dance like nobody is watching. Encrypt like everyone is.” Security is the top priority […]
Securely retrieving secrets with AWS Lambda
AWS Lambda functions often need to access secrets, such as certificates, API keys, or database passwords. Storing secrets outside the function code in an external secrets manager helps to avoid exposing secrets in application source code. Using a secrets manager also allows you to audit and control access, and can help with secret rotation. Do […]
Encrypting messages published to Amazon SNS with AWS KMS
Post by Otavio Ferreira, Software Development Manager, Amazon SNS — Amazon Simple Notification Service (Amazon SNS) is a fully managed pub/sub messaging service for decoupling event-driven microservices, distributed systems, and serverless applications. To address the requirements of highly critical workloads, Amazon SNS provides message encryption in transit, based on Amazon Trust Services (ATS) certificates, as well as message encryption at rest, using AWS Key Management Service (AWS KMS) keys.
Maintaining Transport Layer Security all the way to your container part 2: Using AWS Certificate Manager Private Certificate Authority
This post contributed by AWS Senior Cloud Infrastructure Architect Anabell St Vincent and AWS Solutions Architect Alex Kimber. The previous post, Maintaining Transport Layer Security All the Way to Your Container, covered how the layer 4 Network Load Balancer can be used to maintain Transport Layer Security (TLS) all the way from the client to […]