Category: Security, Identity, & Compliance

Today, we made it possible for you to enable a user to switch roles directly in the AWS Management Console to access resources across multiple AWS accounts—while using only one set of credentials. Previously, as Anders discussed in his blog post, Delegating API Access to AWS Services Using IAM Roles, you could delegate access to […]

The goal of the AWS Security blog is to provide you with guidance, best practices, and technical walkthroughs covering new service launches or topics such as how to help increase the security of your AWS account or better achieve your compliance goals. As we welcome 2015, we want to make sure that you did not […]

Several weeks ago, we released documentation for the AWS Identity and Access Management (IAM) policy grammar and published a back-to-school policy grammar blog post to let you know of common errors in policies. To help you ensure that your policies match your intentions, we are taking policy validation a step further. Starting March 2015, any new or updated policy must […]

When you need to grant access to your AWS resources to a third party, we recommend you do so using an IAM role with external ID. In this post, Josh Bean, a programmer writer on the AWS Identity and Access Management (IAM) team, walks you through a scenario to show you how. At times, you […]

Do you analyze, audit, or monitor your AWS Identity and Access Management (IAM) settings? If so, you will be happy to hear we’ve simplified the way you can retrieve a snapshot of your IAM settings. Today we’re making it easier for you to build tools to analyze, monitor, and audit your IAM entities (i.e., users, […]

AWS Key Management Service (KMS) now supports a new AWS service in addition to Amazon S3, Amazon EBS, and Amazon Redshift. This week Amazon Elastic Transcoder released support for encryption of media assets using AWS KMS. Specifically, you can upload encrypted mezzanine files, thumbnails, captions and watermarks to Amazon Elastic Transcoder and allow the service to […]

Recently, the AWS Support Center moved to the AWS Management Console. In addition to providing a better user experience, it enabled another important feature – federated access. Users in your company can now use their existing credentials to access the AWS Support Center for actions like creating a case, looking at the case history, or […]

Today, we’re excited to announce AWS Key Management Service (KMS) a new service that gives you control and visibility over the encryption keys that protect your data, with strong security and audit controls. AWS KMS is integrated with other AWS services including Amazon EBS, Amazon S3, and Amazon Redshift to simplify encryption of your data within those […]

Previously, Todd Cignetti, AWS Security Product Manager, wrote a post that covered some typical use cases for AWS CloudHSM, a service that helps you securely generate, store, and manage the cryptographic keys used for data encryption such that they are accessible only by you. In this post, Todd continues the series on AWS CloudHSM with […]

Have you ever had to create access policies for users, groups, roles, or resources and wished you could learn more about the policy language? If so, you’ve come to the right place. In this blog, I’ll describe the attributes and structure of the Identity and Access Management (IAM) policy language. I’ll also include examples that […]