Category: Top Posts

November 14, 2023: We’ve updated this post to use IAM Identity Center and follow updated IAM best practices. In this post, we discuss the concept of folders in Amazon Simple Storage Service (Amazon S3) and how to use policies to restrict access to these folders. The idea is that by properly managing permissions, you can […]

August 10, 2022: This blog post has been updated to reflect the new name of AWS Single Sign-On (SSO) – AWS IAM Identity Center. Read more about the name change here. If you’re looking to improve your cloud security, a good place to start is to follow the top 10 most important cloud security tips […]

August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. February 21, 2020: We fixed a missing comma in a policy example. March 3, 2020: […]

June 2, 2021: The instructions in this blog post have been implemented in an AWS Solution, AWS Security Hub Automated Response and Remediation, that includes remediations for more than 20 security controls. To learn more about implementing the solution, see How to deploy the AWS Solution for Security Hub Automated Response and Remediation. AWS Security […]

April 2, 2021: In the section “Granting cross-account bucket access to a specific IAM role,” we’ve updated the second policy to fix an error. I am a cloud support engineer here at AWS, and customers often ask me how they can limit Amazon S3 bucket access to a specific AWS Identity and Access Management (IAM) […]

Update on March 12, 2019: You can now find and update your access keys from a single, central location in the AWS Management Console. Learn how in this post. In this blog post, I’ll discuss what you should do in case you’ve lost your secret access key or need a new one. This post assumes that […]