AWS Compute Blog
Tag: Security
Getting Started with AWS Nitro Enclaves on Microsoft Windows
This post is written by Scott Malkie, Specialist Solutions Architect, EC2 AWS Nitro Enclaves, introduced in October 2020, are isolated compute environments. They leverage the power of the AWS Nitro System to provide isolation and attestation for sensitive data processing. Customers use Nitro Enclaves to isolate their data processing workloads, even from users with root […]
Building a serverless tokenization solution to mask sensitive data
This post shows how to use AWS Serverless services to design a secure, reliable, and cost-optimized tokenization solution. It can be integrated with applications to protect sensitive information and manage access using strict controls with less operational overhead.
Enhancing site security with new Lightsail firewall features
This post is contributed by Mike Coleman, AWS Senior Developer Advocate – Lightsail Amazon Lightsail provides an easy way to get started with AWS for many customers. The service balances ease of use, security, and flexibility. The Lightsail firewall now offers additional features to help customers secure their Lightsail instances. This update offers three new […]
Building a serverless URL shortener app without AWS Lambda – part 2
This post is the second installment of a three-part series on building a serverless URL shortener without using AWS Lambda. The purpose of the series is to highlight the power of Amazon API Gateway and its ability to integrate directly with backend services like Amazon DynamoDB. The result is a low latency, highly available application […]
Orchestrating a security incident response with AWS Step Functions
In this post I will show how to implement the callback pattern of an AWS Step Functions Standard Workflow. This is used to add a manual approval step into an automated security incident response framework. The framework could be extended to remediate automatically, according to the individual policy actions defined. For example, applying alternative actions, or […]
Securing credentials using AWS Secrets Manager with AWS Fargate
This post is contributed by Massimo Re Ferre – Principal Developer Advocate, AWS Container Services. Cloud security at AWS is the highest priority and the work that the Containers team is doing is a testament to that. A month ago, the team introduced an integration between AWS Secrets Manager and AWS Systems Manager Parameter Store with AWS Fargate […]
Windows @ AWS re:Invent 2018
This post is courtesy of Rodney Bozo, Senior Solutions Architect – Microsoft Technologies – AWS Windows has been a first-class citizen at AWS for over a decade. More enterprises run Windows workloads today on AWS than any other cloud—according to IDC, it’s over 57%, 2X than the next provider. Over this period, we’ve worked with […]
Protecting your API using Amazon API Gateway and AWS WAF — Part 2
This post courtesy of Heitor Lessa, AWS Specialist Solutions Architect – Serverless In Part 1 of this blog, we described how to protect your API provided by Amazon API Gateway using AWS WAF. In this blog, we show how to use API keys between an Amazon CloudFront distribution and API Gateway to secure access to […]
Centralizing security with Amazon API Gateway and cross-account AWS Lambda authorizers
This post courtesy of Diego Natali, AWS Solutions Architect Customers often have multiple teams working on APIs. They might have separate teams working on individual API functionality, and another handling secure access control. You can now use an AWS Lambda function from a different AWS account as your API integration backend. Cross-account Lambda authorizers allow […]
Maintaining Transport Layer Security all the way to your container part 2: Using AWS Certificate Manager Private Certificate Authority
This post contributed by AWS Senior Cloud Infrastructure Architect Anabell St Vincent and AWS Solutions Architect Alex Kimber. The previous post, Maintaining Transport Layer Security All the Way to Your Container, covered how the layer 4 Network Load Balancer can be used to maintain Transport Layer Security (TLS) all the way from the client to […]