AWS Security Blog

Category: Security, Identity, & Compliance

Announcing AWS Organizations: Centrally Manage Multiple AWS Accounts

Today, AWS launched AWS Organizations: a new way for you to centrally manage all the AWS accounts your organization owns. Now you can arrange your AWS accounts into groups called organizational units (OUs) and apply policies to OUs or directly to accounts. For example, you can organize your accounts by application, environment, team, or any […]

Tuesday, November 29: Security and Compliance Sessions Today at re:Invent

Today, the following security and compliance sessions will be presented at AWS re:Invent 2016 in Las Vegas. All times are local. See the re:Invent Session Catalog for complete information about every session. You can also download the AWS re:Invent 2016 Event App for the latest updates and information. If you are not attending re:Invent 2016, […]

Dates, Times, and Locations of All Security and Compliance Sessions Taking Place at AWS re:Invent 2016

AWS re:Invent 2016 will  take place November 28 through December 2 in Las Vegas, Nevada, and the following security and compliance sessions will be presented. See the re:Invent Session Catalog for complete information about these sessions. If you are not attending re:Invent 2016, keep in mind that we will publish a post on the Security […]

Now Create and Manage Users More Easily with the AWS IAM Console

Today, we updated the AWS Identity and Access Management (IAM) console to make it easier for you to create and manage your IAM users. These improvements include an updated user creation workflow and new ways to assign and manage permissions. The new user workflow guides you through the process of setting user details, including enabling […]

AWS Directory Service logo

How to Move More Custom Applications to the AWS Cloud with AWS Directory Service

Some Active Directory (AD) integrated applications require custom changes to the directory schema. Today, we have added the ability for an administrator to extend the schema of AWS Directory Service for Microsoft Active Directory (Enterprise Edition), also known as Microsoft AD. Specifically, you can modify the AD schema and enable many more applications. This feature […]

How to Assign Permissions Using New AWS Managed Policies for Job Functions

Today, AWS Identity and Access Management (IAM) made 10 AWS managed policies available that align with common job functions. AWS managed policies enable you to set permissions using policies that AWS creates and manages, and with a single AWS managed policy for job functions, you can grant the permissions necessary for network or database administrators, […]

In Case You Missed These: AWS Security Blog Posts from September and October

In case you missed any AWS Security Blog posts from September and October, they are summarized and linked to below. The posts are shown in reverse chronological order (most recent first), and the subject matter ranges from enabling multi-factor authentication on your AWS API calls to using Amazon CloudWatch Events to monitor application health. October […]

Register for and Attend This November 10 Webinar—Introduction to Three AWS Security Services

Update: This webinar is now available as an on-demand video and slide deck. As part of the AWS Webinar Series, AWS will present Introduction to Three AWS Security Services on Thursday, November 10. This webinar will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time. AWS Solutions Architect Pierre Liddle shows how AWS Identity and […]

How to Enable MFA Protection on Your AWS API Calls

Multi-factor authentication (MFA) provides an additional layer of security for sensitive API calls, such as terminating Amazon EC2 instances or deleting important objects stored in an Amazon S3 bucket. In some cases, you may want to require users to authenticate with an MFA code before performing specific API requests, and by using AWS Identity and […]

How to Help Achieve Mobile App Transport Security (ATS) Compliance by Using Amazon CloudFront and AWS Certificate Manager

Web and application users and organizations have expressed a growing desire to conduct most of their HTTP communication securely by using HTTPS. At its 2016 Worldwide Developers Conference, Apple announced that starting in January 2017, apps submitted to its App Store will be required to support App Transport Security (ATS). ATS requires all connections to […]