Category: AWS Identity and Access Management (IAM)

Rotate access keys regularly and remove inactive users. You’ve probably heard us mention these as two AWS Identity and Access Management (IAM) security best practices. But how do you know when access keys (for an IAM user or the root account) are no longer in use and safe to delete? To help you answer this […]

AWS Identity and Access Management (IAM) recently launched managed policies, which enable you to attach a single access control policy to multiple entities (IAM users, groups, and roles). Managed policies also give you precise, fine-grained control over how your users can manage policies and permissions for other entities. For example, you can control which managed […]

Earlier this month, we let you know that AWS Identity and Access Management (IAM) would be upgrading policy validation today (March 25, 2015) to help you ensure that your IAM policies match your intentions. This upgrade is now in effect for all IAM policies. Starting today, to save changes to your IAM policies, you must […]

On March 25, 2015, we will upgrade the Identity and Access Management (IAM) policy validation to help ensure that your policies reflect your intentions. Starting on this day, to save changes to policies, you must first ensure that your policies comply with the IAM policy grammar. Your existing policies will continue to work as they […]

Have you ever thought that authoring Identity and Access Management (IAM) policies would be easier if the JSON of your policies were automatically formatted? If so, you will be excited to hear you can now enable autoformatting for all your policies by simply selecting a single check box. In this blog post, I will show […]

Have you ever spent time searching for a syntax error—such as a missing comma—when editing an AWS Identity and Access Management (IAM) policy? If so, you will be happy to hear that AWS has made it easier for you to identify and correct such errors. To help you find the source of the errors, we’ve […]

Recently, AWS launched managed policies, which simplify policy management by enabling you to attach a single policy to multiple AWS Identity and Access Management (IAM) entities such as users, groups, and roles. When you update a managed policy, the permissions in that policy apply to every entity to which the managed policy is attached. We […]

AWS recently announced a new feature of AWS Identity and Access Management (IAM): managed policies. Managed policies enable you to attach a single policy to multiple IAM users, groups, and roles (in this blog post referred to collectively as “IAM entities”). When you update a managed policy, the permissions in that policy apply to every […]

Last month, the AWS Security Blog encouraged you to adhere to AWS Identity and Access Management (IAM) best practices. One of these best practices is to lock away your AWS account (root) access keys and password, and not use them for day-to-day interaction with AWS. In fact, when it comes to your root account access […]

As another new year begins, we want to encourage you to be familiar with recommended AWS Identity and Access Management (IAM) best practices. Following these best practices can help you maintain the security of your AWS account. You can learn more by watching the IAM Best Practices presentation that was given by Anders Samuelsson at […]