AWS Security Blog

October 15, 2021:We updated a link in this blog post. The newly released whitepaper, Single Sign-On: Integrating AWS, OpenLDAP, and Shibboleth, will help you integrate your existing LDAP-based user directory with AWS. When you integrate your existing directory with AWS, your users can access AWS by using their existing credentials. This means that your users […]

May 16, 2019 update: We’ve removed a reference to the IT-Grundschutz Certification Workbook. AWS now recommends that customers refer to the Cloud Computing Compliance Controls Catalog (C5) instead. Learn more about C5 here: https://aws.amazon.com/compliance/bsi-c5/ AWS has radically improved cloud service provider compliance offerings with the ongoing development and releases of next gen customer-focused compliance enablers […]

AWS Identity and Access Management (IAM) recently launched managed policies, which enable you to attach a single access control policy to multiple entities (IAM users, groups, and roles). Managed policies also give you precise, fine-grained control over how your users can manage policies and permissions for other entities. For example, you can control which managed […]

Earlier this month, we let you know that AWS Identity and Access Management (IAM) would be upgrading policy validation today (March 25, 2015) to help you ensure that your IAM policies match your intentions. This upgrade is now in effect for all IAM policies. Starting today, to save changes to your IAM policies, you must […]

If you are an Amazon RDS customer, you might have received email from AWS notifying you about rotating your SSL certificates. The SSL certificates for RDS database instances are being updated on March 23, 2015, at 20:00 UTC. The certificates are being updated as part of standard maintenance and security best practices for RDS, and […]

On March 25, 2015, we will upgrade the Identity and Access Management (IAM) policy validation to help ensure that your policies reflect your intentions. Starting on this day, to save changes to policies, you must first ensure that your policies comply with the IAM policy grammar. Your existing policies will continue to work as they […]

Have you ever thought that authoring Identity and Access Management (IAM) policies would be easier if the JSON of your policies were automatically formatted? If so, you will be excited to hear you can now enable autoformatting for all your policies by simply selecting a single check box. In this blog post, I will show […]

Have you ever spent time searching for a syntax error—such as a missing comma—when editing an AWS Identity and Access Management (IAM) policy? If so, you will be happy to hear that AWS has made it easier for you to identify and correct such errors. To help you find the source of the errors, we’ve […]

Note: The video and slides of this webinar are now available. As part of the new AWS Webinar Series, AWS will present Understanding the AWS Security Model on Thursday, March 19. This webinar will start at 9:00 A.M. and end at 10:00 A.M. Pacific Time (UTC-7). Senior Manager Max Ramsay will examine how to use […]

Some of the most common compliance-related requests we receive from our customers are for reference architecture, a template for how to build your infrastructure in the cloud. These requests indicate how some people learn new concepts: reference architecture visualizations can help to clarify subject matter. In order to clarify how you can use AWS functionality […]