AWS Security Blog

Category: Security, Identity, & Compliance*

re:Invent 2015: All Security and Compliance Track Breakout Sessions

If you will be attending re:Invent 2015 in Las Vegas next month, you know that you’ll have many opportunities to learn more about AWS security at the conference. The following breakout sessions compose this year’s Security and Compliance track. Look for blog posts in the coming three weeks to highlight some of these specific breakout sessions […]

Read More

Introducing New APIs to Help Test Your Access Control Policies

AWS Identity and Access Management (IAM) has added two new APIs that enable you to automate validation and auditing of permissions for your IAM users, groups, and roles. Using these two APIs, you can call the IAM policy simulator using the AWS CLI or any of the AWS SDKs. Use the new iam:SimulatePrincipalPolicy API to […]

Read More

Need NIST Compliance in the AWS Cloud? AWS Compliance Has You Covered: NIST 800-171

AWS’s industry-leading security strength benefits you in many ways, one of which is by using a platform that is audited extensively by independent third-party assessors. At times, these audits confirm we can meet new requirements, even as they are issued, and this is the case for the National Institute of Standards and Technology (NIST) guidelines 800-171, […]

Read More

New Australian IRAP FAQ and Hub Page

Positive news for our Australian customers: we recently launched a compliance hub and FAQ page for Australian government customers and their assessors for the Information Security Registered Assessors Program (IRAP) on implementing the Australian Signals Directorate’s (ASD) Information Security Manual (ISM). The new hub and FAQ address many of the questions that Australian government customers […]

Read More

Organize Your Permissions by Using Separate Managed Policies

This year we released managed policies to enable you to create a set of stand-alone policies that you can attach to multiple IAM entities (users, groups, and roles) in your AWS account. Since that release, we have heard from many of you that you’d prefer to mix and match policies instead of just using one universal […]

Read More

Don’t Miss AWS re:Invent—Sign Up for the Livestream Broadcasts

September 16 update: The full schedule is now included below. Even though AWS re:Invent 2015 is sold out, you can still get the latest announcements and product information by viewing our Livestream Broadcasts of the keynotes and select technical breakout sessions. Sign up for the Livestream Broadcasts now.

Read More

How to Manage Identities in Simple AD Directories

As I said in yesterday’s blog post, How to Migrate Your Microsoft Active Directory Users to Simple AD, AWS Directory Service allows you to create a standalone, highly available AWS-managed directory called Simple AD in a matter of minutes. With Simple AD, you can centrally manage user accounts and group memberships for Amazon EC2 instances […]

Read More

How to Migrate Your Microsoft Active Directory Users to Simple AD

AWS Directory Service allows you to create a standalone, highly available AWS-managed directory called Simple AD in a matter of minutes. With Simple AD, you can centrally manage user accounts and group memberships for Amazon EC2 instances joined to a domain. It also allows you to use a single set of credentials to log in […]

Read More

New Whitepaper: CJIS Compliance on AWS

AWS is an attractive environment for regulated data, including Criminal Justice Information (CJI) subject to the Criminal Justice Information Services (CJIS) Security Policy. AWS customers have used the AWS cloud for a wide range of sensitive federal and state government workloads, including CJI data. Law enforcement customers and partners who manage CJI are taking advantage […]

Read More

How to Implement a General Solution for Federated API/CLI Access Using SAML 2.0

Note: Active Directory Federation Services (AD FS) 3.0 uses form-based authentication by default. If you are using AD FS 3.0 in this configuration, use the solution presented in this post. In my earlier post, How to Implement Federated API and CLI Access Using SAML 2.0 and AD FS, I walked through how to implement federated API […]

Read More