Category: Security, Identity, & Compliance

Recently, the AWS Support Center moved to the AWS Management Console. In addition to providing a better user experience, it enabled another important feature – federated access. Users in your company can now use their existing credentials to access the AWS Support Center for actions like creating a case, looking at the case history, or […]

Today, we’re excited to announce AWS Key Management Service (KMS) a new service that gives you control and visibility over the encryption keys that protect your data, with strong security and audit controls. AWS KMS is integrated with other AWS services including Amazon EBS, Amazon S3, and Amazon Redshift to simplify encryption of your data within those […]

Previously, Todd Cignetti, AWS Security Product Manager, wrote a post that covered some typical use cases for AWS CloudHSM, a service that helps you securely generate, store, and manage the cryptographic keys used for data encryption such that they are accessible only by you. In this post, Todd continues the series on AWS CloudHSM with […]

Have you ever had to create access policies for users, groups, roles, or resources and wished you could learn more about the policy language? If so, you’ve come to the right place. In this blog, I’ll describe the attributes and structure of the Identity and Access Management (IAM) policy language. I’ll also include examples that […]

Have you ever needed to quickly look up the last time one of your users signed in to your AWS account? Or have you been following security best practices and want verify that no one in your organization has been signing in using the AWS root account? If you use AWS CloudTrail, the information is […]

At the end of 2013, we introduced single sign-on to the AWS Management Console using the Security Assertion Markup Language (SAML) 2.0. This enables you to use your organization’s existing identity system to sign in to the console without having to provide AWS credentials. Today we’re happy to announce that, in response to your feedback, […]

AWS re:Invent is only one month away! Several members of the AWS Security and AWS Identity and Access Management (IAM) teams will be presenting on security topics and answering your questions in the AWS Security Booth. We have 21 sessions covering security this year. In this blog post, I want to highlight six essential sessions […]

We’ve seen a question appear periodically on the IAM forum about granting IAM users access to the AWS Billing console. The question is this: even after an administrator sets appropriate permissions for an IAM user to access the console, the user can’t get to the console. Why not? Access to the console actually requires two […]

With the steady cadence of updates and enhancements for AWS services, it can sometimes be easy to miss announcements about features that relate to security. Here are some recent security-related updates in AWS services that we’re excited about and that you might not have heard about. AWS Trusted Advisor inspects your AWS environment and finds […]

I’m very excited to share that AWS has received the first ever U.S. Department of Defense (DoD) level 3-5 Provisional Authorization for the AWS GovCloud (US) region under the Defense Information Systems Agency’s (DISA) Cloud Security Model (CSM). AWS has been authorized for CSM levels 1-2 workloads for all US regions since March of this […]