AWS Security Blog

Craig Liebendorfer

Author: Craig Liebendorfer

I write for and work with other authors who write for the AWS Database Blog. I previously owned and edited the AWS Security Blog for 3+ years.

Now Available: The First Guide in the AWS Government Handbook Series

AWS recently released the first guide in the new AWS Government Handbook Series: Secure Network Connections: An evaluation of the US Trusted Internet Connections program. This new series examines key cybersecurity policy initiatives that have been operating in the traditional IT space, unpacks their security objectives, and identifies lessons learned and best practices of global […]

Read More

New AWS DevOps Blog Post: How to Help Secure Your Code in a Cross-Region/Cross-Account Deployment Solution on AWS

You can help to protect your data in a number of ways while it is in transit and at rest, such as by using Secure Sockets Layer (SSL) or client-side encryption. AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create, control, rotate, and use your encryption keys. AWS […]

Read More

AWS HIPAA Program Update – Dedicated Instances and Hosts Are No Longer Required

Over the years, we have seen tremendous growth in the use of the AWS Cloud for healthcare applications. Our customers and AWS Partner Network (APN) Partners who offer solutions that store, process, and transmit Protected Health Information (PHI) sign a Business Associate Addendum (BAA) with AWS. As part of the AWS HIPAA compliance program, customers and […]

Read More

Now Available: Use Resource-Level Permissions to Control Access to and Permissions on Auto Scaling Resources

As of May 15, 2017, you can define AWS Identity and Access Management policies to control which Auto Scaling resources users can access and the actions users are permitted to perform on those resources. Auto Scaling helps you maintain application availability and allows you to scale your Amazon EC2 capacity up or down automatically according to conditions you […]

Read More

Amazon Simple Queue Service Introduces Server-Side Encryption for Queues

You can now use Amazon Simple Queue Service (SQS) to exchange sensitive data between applications using server-side encryption (SSE). SQS is a fully managed message queuing service for reliably communicating between distributed software components and microservices at any scale. You can use SQS to take advantage of the scale, cost, and operational benefits of a […]

Read More

Amazon QuickSight Now Supports Audit Logging with AWS CloudTrail

Amazon QuickSight democratizes business intelligence, making it easier and cheaper for you to provide advanced business analytics capabilities to everyone in your organization. Amazon QuickSight also enables you to understand your business better and helps you make data-driven decisions more quickly. However, determining who has access to which data in your organization can still be […]

Read More

Announcing the Availability of Hardware Multi-Factor Authentication in the AWS GovCloud (US) Region

Hardware multi-factor authentication (MFA) is now available in the AWS GovCloud (US) Region to help strengthen data security while giving you control over token keys that have access to your data. MFA is a best practice that adds an extra layer of protection on top of users’ user names and passwords. These token keys that […]

Read More

Manage Access to Your Amazon RDS for MySQL and Amazon Aurora Databases Using AWS IAM

Starting today, Amazon RDS enables you to use AWS Identity and Access Management (IAM) to manage database access for Amazon RDS for MySQL database instances and Amazon Aurora database clusters. By using IAM, you can manage user access to all AWS resources from a single location, without needing to manage users in the database. This includes expanding […]

Read More

Attend This Free April 27 Tech Talk—Applying AWS Organizations to Complex Account Structures

Update: This webinar is now available as an on-demand video and slide deck. As part of the AWS Monthly Online Tech Talks series, AWS will present Applying AWS Organizations to Complex Account Structures on Thursday, April 27. This tech talk will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time. AWS Principal Product Manager Anders Samuelsson […]

Read More

Register for and Attend This Free April 27 Tech Talk—Deep Dive on Amazon Cloud Directory

Update: This webinar is now available as a slide deck. As part of the AWS Monthly Online Tech Talks series, AWS will present Deep Dive on Amazon Cloud Directory on Thursday, April 27. This tech talk will start at noon and end at 1:00 P.M. Pacific Time. AWS Cloud Directory Expert Quint Van Deman will show you how Amazon Cloud […]

Read More