AWS Security Blog

Category: Security, Identity, & Compliance*

How to Migrate Your Microsoft Active Directory Users to Simple AD

AWS Directory Service allows you to create a standalone, highly available AWS-managed directory called Simple AD in a matter of minutes. With Simple AD, you can centrally manage user accounts and group memberships for Amazon EC2 instances joined to a domain. It also allows you to use a single set of credentials to log in […]

Read More

New Whitepaper: CJIS Compliance on AWS

AWS is an attractive environment for regulated data, including Criminal Justice Information (CJI) subject to the Criminal Justice Information Services (CJIS) Security Policy. AWS customers have used the AWS cloud for a wide range of sensitive federal and state government workloads, including CJI data. Law enforcement customers and partners who manage CJI are taking advantage […]

Read More

How to Implement a General Solution for Federated API/CLI Access Using SAML 2.0

Note: Active Directory Federation Services (AD FS) 3.0 uses form-based authentication by default. If you are using AD FS 3.0 in this configuration, use the solution presented in this post. In my earlier post, How to Implement Federated API and CLI Access Using SAML 2.0 and AD FS, I walked through how to implement federated API […]

Read More

2015 AWS PCI Compliance Package Now Available

We’re happy to announce the availability (upon request) of the 2015 AWS PCI Compliance Package, an assessment completed against the newly released PCI Data Security Standard (PCI DSS) Version 3.1. The PCI DSS is a globally accepted security standard that customers use to support a wide range of sensitive workloads, including the processing and storage […]

Read More

Updated HIPAA Whitepaper Now Available

To provide guidance about how to leverage Amazon Web Services (AWS) to develop applications that meet HIPAA and HITECH compliance requirements, we recently updated the Architecting for HIPAA Security and Compliance on Amazon Web Services whitepaper. The advancements and growth of healthcare technology have been an accelerating force behind the continued adoption of cloud computing, […]

Read More

How to Address the PCI DSS Requirements for Data Encryption in Transit Using Amazon VPC

The PCI requirements for encryption for data in transit are different for private networks than they are for public networks. When correctly designed, Amazon Virtual Private Cloud (Amazon VPC), a logically isolated portion of the AWS infrastructure that allows you to extend your existing data center network to the cloud, can be considered a private network, […]

Read More

How to Connect Your On-Premises Active Directory to AWS Using AD Connector

AD Connector is designed to give you an easy way to establish a trusted relationship between your Active Directory and AWS. When AD Connector is configured, the trust allows you to: Sign in to AWS applications such as Amazon WorkSpaces, Amazon WorkDocs, and Amazon WorkMail by using your Active Directory credentials. Seamlessly join Windows instances […]

Read More

Introducing s2n, a New Open Source TLS Implementation

At Amazon Web Services, strong encryption is one of our standard features, and an integral aspect of that is the TLS (previously called SSL) encryption protocol. TLS is used with every AWS API and is also available directly to customers of many AWS services including Elastic Load Balancing (ELB), AWS Elastic Beanstalk, Amazon CloudFront, Amazon S3, […]

Read More

How to Receive Notifications When Your AWS Account’s Root Access Keys Are Used

AWS Identity and Access Management (IAM) best practices recommend using IAM users or roles to access your AWS resources, instead of using your root credentials. If you follow this best practice, though, how can you monitor for root activity and take action if such activity occurs? AWS CloudTrail and Amazon CloudWatch provide the solution. In […]

Read More

PCI Compliance in the AWS Cloud

PCI compliance in the cloud is an important topic for many of our customers. Our PCI FAQ page has received more than 45,000 views, and we have issued our PCI compliance package directly to customers in all major regions and industry verticals. To build on our growing demand of PCI enablers, today we’re happy to […]

Read More