Author: Ben Brauer

The .NET Developers Blog recently published two easy-to-read posts about access key management for .NET applications. The first one goes through some of the background of access key management, as well as the use of IAM roles for EC2. The second post goes deeper into creating and using IAM users and groups instead of using root […]

David Murray  published a great post about best practices for IAM credentials earlier today (December 9th).  He gives a high level description of IAM, followed by methods for using IAM roles for EC2.  To learn more go to the Java Developers Blog. – Ben

We are pleased to announce that AWS OpsWorks now supports resource-level permissions. AWS OpsWorks is an application management service that lets you provision resources, deploy and update software, automate common operational tasks, and monitor the state of your environment. You can optionally use the popular Chef automation platform to extend OpsWorks using your own custom […]

Amazon Web Services (AWS) held its second annual users conference, re:Invent 2013,  in Las Vegas on November 13th-15th.  Security was again one of the top tracks of the program, with 22 sessions covering every area in cloud security.  Re:Invent 2013 was a great success. Here are links to the videos and presentations all the security related […]

Yesterday the EC2 team announced fine grained controls for managing RunInstances. This release enables you to set fine-grained controls over the AMIs, Snapshots, Subnets, and other resources that can be used when creating instances and the types of instances and volumes that users can create when using the RunInstances API. This is a major milestone […]

Many of our readers have told us that they want to learn more about encryption and key management in AWS. CloudHSM is an AWS service that can establish an even greater trust in AWS from which encryption and key management applications can be anchored. If you’re not familiar with AWS CloudHSM, you can read more […]

Today AWS CloudFormation released added support for  temporary security credentials provided by the AWS Security Token Service.  This release enables a number of scenarios such as federated users being able to use CloudFormation from the AWS Management Console and authorizing Amazon EC2 instances with IAM roles to call CloudFormation APIs.  To learn more about this new […]

AWS re:Invent 2013, AWS’s second annual conference for developers and technical leaders, is less than a month away.  We have some great sessions and activities lined up to ensure that content quality is high and that your questions are answered. Update (20 May 2014): For links to the session videos and slide presentations from AWS […]

One of the benefits of AWS is the highly available, durable, and practically unlimited cloud-based storage you can get with Amazon Simple Storage Services (Amazon S3).  Over two trillion objects are already stored in S3 and customers are always finding more creative uses for S3.  One of the more commonly requested use cases is how […]

Changing access keys (which consist of an access key ID and a secret access key) on a regular schedule is a well-known security best practice because it shortens the period an access key is active and therefore reduces the business impact if they are compromised. Having an established process that is run regularly also ensures […]