AWS Security Blog

February 11, 2021: We updated the tag and instance creation policies for Amazon EC2 to reflect network interface support for attribute-based access control (ABAC). We also added a link to additional sample policies for launching an EC2 instance, and we corrected a condition key “aws:RequestTag/access-zone” to “aws:RequestTag/access-environment”. Amazon ElastiCache now supports names up to 50 […]

In the weeks leading up to re:Inforce, we’ll share conversations we’ve had with people who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. You don’t work at AWS, but you do have deep experience with AWS Services. Can you talk about […]

Based on customer feedback, we’ve updated our AWS User Guide to Financial Services Regulations and Guidelines in Singapore whitepaper, as well as our AWS Monetary Authority of Singapore Technology Risk Management Guidelines (MAS TRM Guidelines) Workbook, which is available for download via AWS Artifact. Both resources now include considerations and best practices for the customer […]

Photo courtesy of Fritz Kunstler In the weeks leading up to re:Inforce, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you […]

April 29, 2022: This post has been updated based on working backwards from a customer need to securely allow access and use of Amazon RDS database credentials from a AWS Lambda function. In this blog post, we will show you how to use AWS Secrets Manager to secure your database credentials and send them to […]

In the weeks leading up to re:Inforce, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current role? […]

May 22, 2019 update: We’ve removed a reference to the IT-Grundschutz Certification Workbook. AWS now recommends that customers refer to the Cloud Computing Compliance Controls Catalog (C5) instead. Learn more about C5 here: https://aws.amazon.com/compliance/bsi-c5/ AWS has completed its 2018 assessment against the Cloud Computing Compliance Controls Catalog (C5) information security and compliance program. Germany’s national […]

December 5, 2019: We removed some information about ASP .NET projects that is no longer relevant. November 14, 2019: We updated the cache library code sample. AWS Secrets Manager now has a client-side caching library for.NET that makes it easier to access secrets from .NET applications. This is in addition to client-side caching libraries for […]

AWS has published a whitepaper, Architecting for PCI DSS Scoping and Segmentation on AWS, to provide guidance on how to properly define the scope of your Payment Card Industry (PCI) Data Security Standard (DSS) workloads running on the AWS Cloud. The whitepaper looks at how to define segmentation boundaries between your in-scope and out-of-scope resources […]

March 31, 2025: We provided a note and links to resources in the third use case on using Route 53 profiles as a best practice to enable DNS resolutions between VPCs in different AWS accounts. April 19, 2023: In the section “Create private hosted zones” we updated step 1 to fix syntax error. September 27, […]