AWS Security Blog

Category: Developer Tools

Enhance programmatic access for IAM users using a YubiKey for multi-factor authentication

Organizations are increasingly providing access to corporate resources from employee laptops and are required to apply the correct permissions to these computing devices to make sure that secrets and sensitive data are adequately protected. The combination of Amazon Web Services (AWS) long-term credentials and a YubiKey security token for multi-factor authentication (MFA) is an option […]

Read More

Isolating network access to your AWS Cloud9 environments

In this post, I show you how to create isolated AWS Cloud9 environments for your developers without requiring ingress (inbound) access from the internet. I also walk you through optional steps to further isolate your AWS Cloud9 environment by removing egress (outbound) access. Until recently, AWS Cloud9 required you to allow ingress Secure Shell (SSH) […]

Read More

Integrating AWS CloudFormation security tests with AWS Security Hub and AWS CodeBuild reports

The concept of infrastructure as code, by using pipelines for continuous integration and delivery, is fundamental for the development of cloud infrastructure. Including code quality and vulnerability scans in the pipeline is essential for the security of this infrastructure as code. In one of our previous posts, How to build a CI/CD pipeline for container […]

Read More

How to use CI/CD to deploy and configure AWS security services with Terraform

Like the infrastructure your applications are built on, security infrastructure can be handled using infrastructure as code (IAC) and continuous integration/continuous deployment (CI/CD). In this post, I’ll show you how to build a CI/CD pipeline using AWS Developer Tools and HashiCorp’s Terraform platform as an IAC tool for AWS Web Application Firewall (WAF) deployments. AWS […]

Read More

AWS Federated Authentication with Active Directory Federation Services (AD FS)

Today we’d like to walk you through AWS Identity and Access Management (IAM), federated sign-in through Active Directory (AD) and Active Directory Federation Services (ADFS). With IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which resources users can access. Customers have the option of creating users and […]

Read More

How to retrieve short-term credentials for CLI use with AWS Single Sign-on

Today, AWS made it easier to use the AWS Command Line Interface (CLI) to manage services in your AWS accounts. Now you can sign into the AWS Single Sign-On (AWS SSO) user portal using your existing corporate credentials, choose an AWS account and a specific permission set, and get temporary credentials to manage your AWS […]

Read More

New on the AWS DevOps Blog: Introducing Git Credentials—A Simple Way to Connect to AWS CodeCommit Repositories Using a Static User Name and Password

You can now connect to AWS CodeCommit repositories with Git credentials, which let you use a static user name and password to authenticate over HTTPS. Git credentials provide a simple and reliable way to access CodeCommit that is compatible with the command line or terminal, the AWS CLI, the Git CLI, and any Git tool […]

Read More