AWS Security Blog
Category: Security, Identity, & Compliance
AWS Security Profiles: Mark Ryland, Director, Office of the CISO
Mark Ryland at the AWS Summit Berlin keynote In the weeks leading up to re:Inforce, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS and […]
New! Set permission guardrails confidently by using IAM access advisor to analyze service-last-accessed information for accounts in your AWS organization
You can use AWS Organizations to centrally govern and manage multiple accounts as you scale your AWS workloads. With AWS Organizations, central security administrators can use service control policies (SCPs) to establish permission guardrails that all IAM users and roles in the organization’s accounts adhere to. When teams and projects are just getting started, administrators […]
How to host and manage an entire private certificate infrastructure in AWS
AWS Certificate Manager (ACM) Private Certificate Authority (CA) now offers the option for managing online root CAs and a full online PKI hierarchy. You can now host and manage your organization’s entire private certificate infrastructure in AWS. Supporting a full hierarchy expands AWS Certificate Manager (ACM) Private Certificate Authority capabilities. CA administrators can use ACM […]
How to prompt users to reset their AWS Managed Microsoft AD passwords proactively
If you’re an AWS Directory Service administrator, you can reset your directory users’ passwords from the AWS console or the CLI when their passwords expire. However, you can improve your efficiency by reducing the number of requests for password resets. You can also help improve the security of your organization by having your users proactively […]
How to sign up for a Leadership Session at re:Inforce 2019
The first annual re:Inforce conference is one week away and with two full days of security, identity, and compliance learning ahead, I’m looking forward to the community building opportunities (such as Capture the Flag) and the hundreds of sessions that dive deep into how AWS services can help keep businesses secure in the cloud. The […]
Working backward: From IAM policies and principal tags to standardized names and tags for your AWS resources
February 11, 2021: We updated the tag and instance creation policies for Amazon EC2 to reflect network interface support for attribute-based access control (ABAC). We also added a link to additional sample policies for launching an EC2 instance, and we corrected a condition key “aws:RequestTag/access-zone” to “aws:RequestTag/access-environment”. Amazon ElastiCache now supports names up to 50 […]
Definitely not an AWS Security Profile: Corey Quinn, a “Cloud Economist” who doesn’t work here
In the weeks leading up to re:Inforce, we’ll share conversations we’ve had with people who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. You don’t work at AWS, but you do have deep experience with AWS Services. Can you talk about […]
Singapore financial services: new resources for customer side of the shared responsibility model
Based on customer feedback, we’ve updated our AWS User Guide to Financial Services Regulations and Guidelines in Singapore whitepaper, as well as our AWS Monetary Authority of Singapore Technology Risk Management Guidelines (MAS TRM Guidelines) Workbook, which is available for download via AWS Artifact. Both resources now include considerations and best practices for the customer […]
AWS Security Profiles: Fritz Kunstler, Principal Consultant, Global Financial Services
Photo courtesy of Fritz Kunstler In the weeks leading up to re:Inforce, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you […]
How to securely provide database credentials to Lambda functions by using AWS Secrets Manager
April 29, 2022: This post has been updated based on working backwards from a customer need to securely allow access and use of Amazon RDS database credentials from a AWS Lambda function. In this blog post, we will show you how to use AWS Secrets Manager to secure your database credentials and send them to […]