AWS Security Blog

Category: Security, Identity, & Compliance

AWS Achieves FedRAMP Authorization for New Services in the AWS GovCloud (US) Region

Today, we’re pleased to announce an array of AWS services that are available in the AWS GovCloud (US) Region and have achieved Federal Risk and Authorization Management Program (FedRAMP) High authorizations. The FedRAMP Joint Authorization Board (JAB) has issued Provisional Authority to Operate (P-ATO) approvals, which are effective immediately. If you are a federal or commercial […]

Read More

How to Use Service Control Policies in AWS Organizations to Enforce Healthcare Compliance in Your AWS Account

AWS customers with healthcare compliance requirements such as the U.S. Health Insurance Portability and Accountability Act (HIPAA) and Good Laboratory, Clinical, and Manufacturing Practices (GxP) might want to control access to the AWS services their developers use to build and operate their GxP and HIPAA systems. For example, customers with GxP requirements might approve AWS […]

Read More

Register for and Attend This March 29 Tech Talk—Best Practices for Managing Security Operations in AWS

Update: This webinar is now available as an on-demand video and slide deck. As part of the AWS Monthly Online Tech Talks series, AWS will present Best Practices for Managing Security Operations in AWS on Wednesday, March 29. This tech talk will start at 9:00 A.M. and end at 10:00 A.M. Pacific Time. AWS Global Cloud Security […]

Read More

Move Over JSON – Policy Summaries Make Understanding IAM Policies Easier

Today, we added policy summaries to the IAM console, making it easier for you to understand the permissions in your AWS Identity and Access Management (IAM) policies. Instead of reading JSON policy documents, you can scan a table that summarizes services, actions, resources, and conditions for each policy. You can find this summary on the […]

Read More

In Case You Missed These: AWS Security Blog Posts from January, February, and March

In case you missed any AWS Security Blog posts published so far in 2017, they are summarized and linked to below. The posts are shown in reverse chronological order (most recent first), and the subject matter ranges from protecting dynamic web applications against DDoS attacks to monitoring AWS account configuration changes and API calls to […]

Read More

New AWS Encryption SDK for Python Simplifies Multiple Master Key Encryption

September 8, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. The AWS Cryptography team is happy to announce a Python implementation of the AWS Encryption SDK. […]

Read More

Updated CJIS Workbook Now Available by Request

April 27, 2021: The information in this blog post has been deprecated. For the latest information on CJIS, visit Using AWS for Criminal Justice Information Solutions. The need for guidance when implementing Criminal Justice Information Services (CJIS)–compliant solutions has become of paramount importance as more law enforcement customers and technology partners move to store and […]

Read More

Join Us for AWS IAM Day on Thursday, March 23, in San Francisco

Join us in San Francisco for AWS IAM Day on Thursday, March 23, from 9:30 A.M.–4:15 P.M. At this free technical event, we will introduce you to AWS Identity and Access Management (IAM) concepts using easy-to-follow examples, and tools and strategies you can use for controlling access to your AWS environment. We will also cover how […]

Read More

New Cloud Directory API Makes It Easier to Query Data Along Multiple Dimensions

Amazon Cloud Directory enables you to build flexible, cloud-native directories for organizing hierarchies of data along multiple dimensions. For example, you can create an organizational structure that you can navigate through multiple hierarchies for reporting structure, location, and cost center. With Cloud Directory, you can create directories for a variety of use cases, such as […]

Read More

How to Access the AWS Management Console Using AWS Microsoft AD and Your On-Premises Credentials

AWS Directory Service for Microsoft Active Directory, also known as AWS Microsoft AD, is a managed Microsoft Active Directory (AD) hosted in the AWS Cloud. Now, AWS Microsoft AD makes it easy for you to give your users permission to manage AWS resources by using on-premises AD administrative tools. With AWS Microsoft AD, you can […]

Read More