Category: Security, Identity, & Compliance

Like the infrastructure your applications are built on, security infrastructure can be handled using infrastructure as code (IAC) and continuous integration/continuous deployment (CI/CD). In this post, I’ll show you how to build a CI/CD pipeline using AWS Developer Tools and HashiCorp’s Terraform platform as an IAC tool for AWS Web Application Firewall (WAF) deployments. AWS […]

In the weeks leading up to re:Invent 2019, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do as the VP […]

September 19, 2023: This post has been update to correct an explanation of multivalued condition keys. You can now reference Organizational Units (OUs), which are groups of AWS accounts in AWS Organizations, in AWS Identity and Access Management (IAM) policies, making it easier to define access for your IAM principals (users and roles) to the […]

February 19, 2024: You can now use IAM Access Analyzer to easily identify unused roles. Read this blog post to learn more. January 6, 2021: We updated this post to fix a bug related to allow listing noncompliant roles. January 6, 2020: We updated this post to reflect a valid STS session duration if configured […]

In the weeks leading up to re:Invent 2019, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. What do you do in your current role at AWS? I’m an identity nerd! I […]

February 19, 2024: You can now use IAM Access Analyzer to easily identify unused roles. Read this blog post to learn more. November 25, 2019: We’ve corrected a documentation link. As you build on AWS, you create AWS Identity and Access Management (IAM) roles to enable teams and applications to use AWS services. As those […]

July 27, 2021: We’ve updated the link to the 2019 re:Invent session on this topic. Since it first launched over 10 years ago, the Amazon EC2 Instance Metadata Service (IMDS) has helped customers build secure and scalable applications. The IMDS solved a big security headache for cloud users by providing access to temporary, frequently rotated […]

We understand that the protection of personal data that is uploaded to AWS is critical for many of our customers, and the SOC2 Type 1 Privacy report provides the information you need to understand how your content is protected at AWS. The Fall 2019 SOC 2 Type I Privacy report provides you with a third-party […]

AWS successfully completed the re-certification audits with no findings. Ernst and Young Certify Point auditors issued the new certificates on November 6, 2019, marking the start of the new three-year cycle. We increased the number of ISO services in scope to 134 services in total that have been validated against ISO 9001, 27001, 27017, and […]

There have been two noteworthy 2019 updates for Australian Prudential Regulation Authority (APRA) regulated entities such as banks, insurance companies, credit unions, deposit takers, and the superannuation industry. On June 25, APRA released an updated version of the Prudential Practice Guide CPG 234 Information Security, which provides guidance on how to implement the revised Prudential […]