AWS Security Blog

Category: Security, Identity, & Compliance

How to create SAML providers with AWS CloudFormation

June 24, 2020: We updated the first 3 paragraphs of this post to provide, and link to, more information. As organizations grow, they often experience an inflection point where it becomes impractical to manually manage separate user accounts in disparate systems. Managing multiple AWS accounts is no exception. Many large organizations have dozens or even […]

Read More

AWS Artifact service launches new user interface

AWS Artifact service introduces a new user interface (UI) that provides a more intuitive experience in searching and saving AWS compliance reports, and accepting agreements. The new UI includes AWS Artifact home page equipped with information and videos on how to use the AWS Artifact service for your compliance needs. Additionally, the Reports and Agreements […]

Read More

Spring 2020 SOC 2 Type I Privacy report now available

We continue to be customer focused in addressing privacy requirements, enabling you to be confident in how your content is protected while using Amazon Web Services. Our latest SOC2 Type 1 Privacy report is now available to demonstrate our privacy compliance commitments to you. Our spring 2020 SOC 2 Type I Privacy report provides you […]

Read More

Spring 2020 SOC reports now available with 122 services in scope

At AWS, our customers’ security is of the highest importance and we continue to provide transparency into our security posture. We’re proud to deliver the System and Organizational Controls (SOC) 1, 2, and 3 reports to our AWS customers. The SOC program continues to enable our global customer base to maintain confidence in our secured […]

Read More

AWS achieves Spain’s ENS High certification across 105 services

AWS achieved Spain’s Esquema Nacional de Seguridad (ENS) High certification across 105 services in all AWS Regions. To successfully achieve the ENS High certification, BDO España conducted an independent audit and attested that AWS meets confidentiality, integrity, and availability standards. This provides assurance to Spain’s public sector organizations wanting to build secure applications and services […]

Read More

Easily control the naming of individual IAM role sessions

AWS Identity and Access Management (IAM) now has a new sts:RoleSessionName condition element for the AWS Security Token Service (AWS STS), that makes it easy for AWS account administrators to control the naming of individual IAM role sessions. IAM roles help you grant access to AWS services and resources by using dynamically generated short-term credentials. […]

Read More

Enabling AWS Security Hub integration with AWS Chatbot

October 6, 2020: The code for sending your findings to Slack, and one image, have been updated in this blog post. In this post, we show you how to configure AWS Chatbot to send findings from AWS Security Hub to Slack. Security Hub gives you a comprehensive view of your security high-priority alerts and security […]

Read More

AWS Foundational Security Best Practices standard now available in Security Hub

AWS Security Hub offers a new security standard, AWS Foundational Security Best Practices This week AWS Security Hub launched a new security standard called AWS Foundational Security Best Practices. This standard implements security controls that detect when your AWS accounts and deployed resources do not align with the security best practices defined by AWS security […]

Read More

AWS IAM introduces updated policy defaults for IAM user passwords

November 2, 2020: This post has been updated to reflect the change in date for the default password policy from October 28 to November 18. October 20, 2020: This post has been updated to reflect the change in date for the default password policy from October 2 to October 21 to October 28. July 27, […]

Read More

IAM Access Analyzer flags unintended access to S3 buckets shared through access points

Customers use Amazon Simple Storage Service (S3) buckets to store critical data and manage access to data at scale. With Amazon S3 Access Points, customers can easily manage shared data sets by creating separate access points for individual applications. Access points are unique hostnames attached to a bucket and customers can set distinct permissions using […]

Read More