AWS Security Blog
Category: AWS PrivateLink
Governing and securing AWS PrivateLink service access at scale in multi-account environments
Amazon Web Services (AWS) customers have been adopting the approach of using AWS PrivateLink to have secure communication to AWS services, their own internal services, and third-party services in the AWS Cloud. As these environments scale, the number of PrivateLink connections outbound to external services and inbound to internal services increase and are spread out […]
Access accounts with AWS Management Console Private Access
December 7, 2023: This blog has been updated to include a paragraph about using aws:SourceVpc IAM condition context key in endpoint policies. AWS Management Console Private Access is an advanced security feature to help you control access to the AWS Management Console. In this post, I will show you how this feature works, share current […]
What is a cyber range and how do you build one on AWS?
In this post, we provide advice on how you can build a current cyber range using AWS services. Conducting security incident simulations is a valuable exercise for organizations. As described in the AWS Security Incident Response Guide, security incident response simulations (SIRS) are useful tools to improve how an organization handles security events. These simulations […]
How to Connect Directly to AWS Key Management Service from Amazon VPC by Using an AWS PrivateLink Endpoint
AWS Key Management Service (AWS KMS) now supports Amazon Virtual Private Cloud (Amazon VPC) endpoints powered by AWS PrivateLink. This means you now can connect directly to AWS KMS through a private endpoint in your VPC, keeping all traffic within your VPC and the AWS network. Previously, applications running inside a VPC required internet access […]