Tag: security

Edit: March 10th 2022 – Updated post to use AWS Cloud Development Kit (CDK) v2. Protecting systems from malware is an essential part of a systems protection strategy. It is important to both scan binaries and other files before introducing them into your system boundary and appropriately respond to potential threats in accordance to your […]

What is client-side encryption, and why might I want to use it? If you wish to store sensitive data in Amazon S3 with the AWS SDK for Ruby, you have several ways of managing the safety and security of the data. One good practice is to use HTTPS whenever possible to protect your data in […]

This is the fourth and final part (part 1, part 2, part 3) in a series on how to securely manage your AWS access credentials. This week I am focusing on using AWS Identity and Access Management (IAM) roles for Amazon EC2 instances with the AWS SDK for Ruby (aws-sdk). Simply put, IAM roles for […]

In part 1 of this series, I wrote about how to configure your access credentials with the AWS SDK for Ruby (aws-sdk gem). In part 2 we learned how to rotate your access credentials using the aws-sdk gem. This week we explore credential providers and how they can help you keep your secrets safe and […]

In a previous blog post I wrote about ways to securely configure your AWS access credentials when using the aws-sdk gem. This week I want to talk about a security best practice, credential rotation. Did you know that AWS recommends that you rotate your access keys every 90 days? Even if you are very careful […]

When using AWS, it is important to keep your access credentials secure. It can be challenging to make your credentials available to your application securely. The AWS SDK for Ruby provides a number of helpful interfaces for configuring your credentials that help you keep your secrets safe. This blog post focuses on securely configuring the […]