AWS Security Blog

Category: Security, Identity, & Compliance*

New SOC 1, 2, and 3 Reports Available — Including a New Region and Service In-Scope

We are now in our sixth year of regularly publishing comprehensive independent audit reports attesting to our alignment with globally accepted security best practices. We have just completed our thorough and extensive semiannual audit and are happy to announce that Amazon Simple Queue Service (SQS) and our newest region in Europe (Frankfurt) are now in-scope […]

Read More

Register for and Attend This May 22 Webinar: Getting Started with AWS Identity and Access Management

As part of the AWS Webinar Series, AWS will present Getting Started with AWS Identity and Access Management on Friday, May 22. This webinar will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time (UTC-7). AWS Security Solutions Architect Jonathan Desrocher will introduce the fundamental concepts of AWS Identity and Access Management (IAM) […]

Read More

AWS Directory Service Now Supports API Access and Logging Via AWS CloudTrail

Developers can now programmatically create and configure Simple AD and AD Connector directories in AWS Directory Service via the AWS SDKs or CLI. You can also now use Cloud Trail to log API actions performed via an SDK, the CLI, or AWS Directory Service console. Permissions for performing these actions can be controlled via an AWS […]

Read More

Staying Ahead of the Curve–Customer Enabler AWS OCIE Cybersecurity Initiative Workbook

We focus on enabling our customers to scale their security and compliance capabilities on AWS, and we enhance our customers’ ability to meet a wide variety of security and regulatory requirements. With a continued focus on our customers’ regulatory needs in the financial services sector, we created another customer facing workbook, which aligns the new […]

Read More

Amazon Redshift and Amazon RDS Now Support Encryption via AWS Key Management Service in the AWS GovCloud (US) Region

Today, Amazon Redshift and Amazon RDS for MySQL, PostgreSQL, Oracle, and SQL Server DB released support for encryption using AWS Key Management Service (KMS) in the AWS GovCloud (US) region. Using keys under your control, you can now encrypt RDS instances, including MySQL, PostgreSQL, Oracle, and SQL Server DB instance types, and Amazon Redshift clusters in AWS GovCloud […]

Read More

AWS Key Management Service Now Available in the AWS GovCloud (US) Region

AWS Key Management Service (KMS) is now available in the AWS GovCloud (US) region. You can now encrypt data in your own applications and within the following AWS services in GovCloud by using keys under your control: Amazon Elastic Block Store volumes Amazon S3 objects using Server Side Encryption (SSE-KMS) and client-side encryption using the […]

Read More

How to Switch Easily Between AWS Accounts by Using the AWS Management Console and AWS Directory Service

Earlier this year, the AWS Identity and Access Management (IAM) team announced support for the Switch Role feature, which allows your users to switch between accounts in the AWS Management Console. The benefit to your users is that they can switch accounts without being required to sign out and sign in for each account. In […]

Read More

Using AWS in the Context of CESG UK’s Cloud Security Principles

Last year, CESG UK published the Cloud Security Guidance documents for public sector organizations that are considering the use of cloud services for handling information classified as OFFICIAL. The guidance aims to help public sector organizations make informed decisions about cloud services and choose a cloud service that balances business benefits and security risks. In […]

Read More

New in IAM: Quickly Identify When an Access Key Was Last Used

Rotate access keys regularly and remove inactive users. You’ve probably heard us mention these as two AWS Identity and Access Management (IAM) security best practices. But how do you know when access keys (for an IAM user or the root account) are no longer in use and safe to delete? To help you answer this […]

Read More

Security Best Practices: Compliance Beyond the Check Box–Register For and Attend the Webinar

Update: The slides from this webinar are now available. As part of the AWS Webinar Series, AWS will present Security Best Practices: Compliance Beyond the Check Box on Tuesday, April 28. This webinar will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time (UTC-7). Principal Solutions Architect Bill Shinn will help you understand […]

Read More