Category: Uncategorized

September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. Amazon Elasticsearch Service (Amazon ES) is a fully managed service that you can use to deploy, secure, and run Elasticsearch cost-effectively at scale. The service provides support for open-source Elasticsearch APIs, managed Kibana, and integration with Logstash and other AWS […]

We are excited to announce the addition of 41 new services in the scope of our latest Outsourced Service Provider Audit Report (OSPAR) audit cycle, for a total of 105 services in the Asia Pacific (Singapore) Region. The newly added services include: AWS Security Hub, which gives you a comprehensive view of high-priority security alerts […]

On January 6, 2020, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released an alert (AA20-006A) that highlighted measures for critical infrastructure to prepare for information security risks, but which are also relevant to all organizations. The CISA alert focuses on vulnerability mitigation and incident preparation. At AWS, security is our […]

October 29, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. AWS Key Management Service (AWS KMS) now supports asymmetric keys. You can create, manage, and […]

With re:Invent 2019 just weeks away, the excitement is building and we’re looking forward to seeing you all soon! If you’re attending re:Invent with the goal of improving your organization’s cloud security operations, here are some highlights from the re:Invent 2019 session catalog. Reserved seating is now open, so get your seats in advance for […]

You can use AWS Organizations to centrally govern and manage multiple accounts as you scale your AWS workloads. With AWS Organizations, central security administrators can use service control policies (SCPs) to establish permission guardrails that all IAM users and roles in the organization’s accounts adhere to. When teams and projects are just getting started, administrators […]

April 29, 2022: This post has been updated based on working backwards from a customer need to securely allow access and use of Amazon RDS database credentials from a AWS Lambda function. In this blog post, we will show you how to use AWS Secrets Manager to secure your database credentials and send them to […]

October 2, 2024: This post was republished to update the terminology for management accounts. AWS Organizations is now available in the AWS GovCloud (US) Regions, enabling you to centrally govern and manage your AWS GovCloud (US) accounts. AWS Organizations helps you to centrally manage billing; control access, compliance, and security; and share resources across your […]

In an earlier post, Enabling serverless security analytics using AWS WAF full logs, Amazon Athena, and Amazon QuickSight, published on March 28, 2019, the authors showed you how to stream WAF logs with Amazon Kinesis Firehose for visualization using QuickSight. This approach used no filtering of the logs so that you could visualize the full […]

September 19, 2025: This post was updated to reflect that AWS Organizations now offers full IAM policy language support for service control policies (SCPs). Details of this new feature are outlined in this post. AWS Organizations provides central governance and management for multiple accounts. Central security administrators use service control policies (SCPs) with AWS Organizations […]