Category: Uncategorized

Amazon S3 provides comprehensive security and compliance capabilities that meet even the most stringent regulatory requirements. It gives you flexibility in the way you manage data for cost optimization, access control, and compliance. However, because the service is flexible, a user could accidentally configure buckets in a manner that is not secure. For example, let’s […]

Using Amazon Cloud Directory, you can build flexible, cloud-native directories for organizing hierarchies of data along multiple dimensions. And now, you can search more efficiently by searching across only a subset of objects in your directory. For example, instead of searching through all of the employees in a company directory built using Cloud Directory, you […]

Companies using .NET applications to access sensitive user information, such as employee salary, Social Security Number, and credit card information, need an easy and secure way to manage access for users and applications. For example, let’s say that your company has a .NET payroll application. You want your Human Resources (HR) team to manage and […]

** Update:  the Google Autenticator application for iOS has been updated and now available from Apple’s App Store.  It no longer has an issue of potentially losing existing AWS MFA tokens as reported in this post. Do you use Google Authenticator for iOS for AWS MFA? If so, then read this! If you use Google […]

Jeff Barr, AWS’s chief evangelist, recently did an AWS Report interview with Symplified’s CTO and co-founder Darren Plat covering identity federation and single sign-on to cloud-based apps.  The interview goes into depth about the need for identity federation services in the cloud and how Symplified implemented their offering for AWS services. You can watch the […]

In May 2013, we announced support for federation using identities Amazon, Facebook, and Google (a.k.a. web identity federation), which allows your apps to authenticate users via Amazon, Facebook, or Google and then access AWS resources managed under your account. To help you understand how web identity federation works, today we’re releasing the Web Identity Federation […]

If you’re a frequent reader of this blog, you probably know that AWS recommends as a security best practice that you set up one or more AWS Identity and Access Management (IAM) users for interaction with AWS services, rather than use your root account. Why? The credentials for your AWS root account provide full access […]

Dear readers, We hope you’ve found our posts over the past couple of months both informative and useful. While we’ve posted a variety of topics to appeal to a broad audience, we’d like to hear directly from you about what we could do better. What additional topics would you like us to write about related […]

Log into Facebook or Google, then access AWS resources? Impossible (well, perhaps difficult…) you say – until now. On 5/28 the AWS Identity and Access Management (IAM) team launched web identity federation. This new feature expands existing AWS identity federation capabilities to include support for public identity providers such as Facebook, Google, or the newly […]

Thinking about building a secure delegation solution to grant temporary access to your AWS account?  This week’s guest blogger Kai Zhao, Product Manager on our AWS Identity and Access Management (IAM) team, will discuss some considerations when deciding on an approach: Introduction Using temporary security credentials (“sessions”) enables you to securely delegate access to your AWS environment […]