Category: Security, Identity, & Compliance

We’re happy to announce that customers now are enabled to bring the next generation of medical, health, and wellness solutions to their GxP systems by using AWS for their processing and storage needs. Compliance with healthcare and life sciences requirements is a key priority for us, and we are pleased to announce the availability of […]

AWS Config recently added the ability to record changes to the configuration of your AWS Identity and Access Management (IAM) users, groups, and roles (collectively referred to as IAM entities) and the policies associated with them. Using this feature, you can record configuration details for these IAM entities, including details about which policies are associated […]

Deleting unused resources can help to improve the security of your AWS account and make your account easier to manage. However, if you have ever been unsure of whether an AWS Identity and Access Management (IAM) user or role was being used actively, you probably erred on the side of caution and kept it. Starting […]

As another new year begins, we encourage you to review our recommended AWS Identity and Access Management (IAM) best practices. Following these best practices can help you maintain the security of your AWS resources. You can learn more by watching the IAM Best Practices to Live By presentation that Anders Samuelsson gave at AWS re:Invent […]

The following 20 posts are the most popular posts that were published in 2015 on the AWS Security Blog. You can use this list as a guide to do some catchup reading or even read a post again that you found particularly valuable. Introducing s2n, a New Open Source TLS Implementation Customer Update—AWS and EU Safe […]

AWS has just completed our annual audit of ISO 27001, a certification we achieved back in 2010. 10 new services are now in scope under ISO 27001: Amazon CloudFront Amazon EC2 Container Service (ECS) Amazon Elastic File System (EFS) Amazon Simple Email Service (SES) Amazon WorkDocs Amazon WorkMail Amazon WorkSpaces AWS Directory Service AWS Key […]

In my previous post, I introduced service last accessed data, a new feature of the AWS Identity and Access Management (IAM) console that helps you define policies that adhere better to the principle of least privilege. As part of that post, I walked through a sample use case demonstrating how you can use service last […]

July 29, 2025: This blog post is outdated. Use CloudFront’s managed prefix list for Security Groups instead of the Lambda solution. CloudFront now supports VPC origins, allowing secure connectivity to private VPC resources. For details on managed prefix lists, see this post. For VPC origins implementation guide, refer to this post. April 1, 2021: Before […]

Today we’re happy to announce we’ve added 10 new services to our ISO 9001 certification: Amazon CloudFront Amazon EC2 Container Service (ECS) Amazon Elastic File System (EFS) Amazon Simple Email Service (SES) Amazon WorkDocs Amazon WorkMail Amazon WorkSpaces AWS Directory Service AWS Key Management Service (KMS) AWS WAF – Web Application Firewall This increases the […]

AWS supports Security Assertion Markup Language (SAML) 2.0, an open standard for identity federation used by many identity providers (IdPs). SAML enables federated single sign-on (SSO), which enables your users to sign in to the AWS Management Console or to make programmatic calls to AWS APIs by using assertions from a SAML-compliant IdP. Many of […]