AWS Security Blog

Introducing New APIs to Help Test Your Access Control Policies

AWS Identity and Access Management (IAM) has added two new APIs that enable you to automate validation and auditing of permissions for your IAM users, groups, and roles. Using these two APIs, you can call the IAM policy simulator using the AWS CLI or any of the AWS SDKs. Use the new iam:SimulatePrincipalPolicy API to […]

Read More

Need NIST Compliance in the AWS Cloud? AWS Compliance Has You Covered: NIST 800-171

AWS’s industry-leading security strength benefits you in many ways, one of which is by using a platform that is audited extensively by independent third-party assessors. At times, these audits confirm we can meet new requirements, even as they are issued, and this is the case for the National Institute of Standards and Technology (NIST) guidelines 800-171, […]

Read More

How to Help Prepare for DDoS Attacks by Reducing Your Attack Surface

Distributed denial of service (DDoS) attacks are sometimes used by malicious actors in an attempt to flood a network, system, or application with more traffic, connections, or requests than it can handle. Not surprisingly, customers often ask us how we can help them protect their applications against these types of attacks. To help you optimize […]

Read More

New Australian IRAP FAQ and Hub Page

Positive news for our Australian customers: we recently launched a compliance hub and FAQ page for Australian government customers and their assessors for the Information Security Registered Assessors Program (IRAP) on implementing the Australian Signals Directorate’s (ASD) Information Security Manual (ISM). The new hub and FAQ address many of the questions that Australian government customers […]

Read More

Organize Your Permissions by Using Separate Managed Policies

This year we released managed policies to enable you to create a set of stand-alone policies that you can attach to multiple IAM entities (users, groups, and roles) in your AWS account. Since that release, we have heard from many of you that you’d prefer to mix and match policies instead of just using one universal […]

Read More

Don’t Miss AWS re:Invent—Sign Up for the Livestream Broadcasts

September 16 update: The full schedule is now included below. Even though AWS re:Invent 2015 is sold out, you can still get the latest announcements and product information by viewing our Livestream Broadcasts of the keynotes and select technical breakout sessions. Sign up for the Livestream Broadcasts now.

Read More

How to Manage Identities in Simple AD Directories

As I said in yesterday’s blog post, How to Migrate Your Microsoft Active Directory Users to Simple AD, AWS Directory Service allows you to create a standalone, highly available AWS-managed directory called Simple AD in a matter of minutes. With Simple AD, you can centrally manage user accounts and group memberships for Amazon EC2 instances […]

Read More

How to Migrate Your Microsoft Active Directory Users to Simple AD

AWS Directory Service allows you to create a standalone, highly available AWS-managed directory called Simple AD in a matter of minutes. With Simple AD, you can centrally manage user accounts and group memberships for Amazon EC2 instances joined to a domain. It also allows you to use a single set of credentials to log in […]

Read More

Register for and Attend This August 20 Webinar–Best Practices for DDoS Resiliency

As part of the AWS Webinar Series, AWS will present Best Practices for DDoS Resiliency on Thursday, August 20. This webinar will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time (UTC-7). AWS Security Solutions Architect Jonathan Desrocher will outline how to use AWS services like Elastic Load Balancing (ELB), Auto Scaling, Amazon CloudFront, […]

Read More

New Whitepaper: CJIS Compliance on AWS

AWS is an attractive environment for regulated data, including Criminal Justice Information (CJI) subject to the Criminal Justice Information Services (CJIS) Security Policy. AWS customers have used the AWS cloud for a wide range of sensitive federal and state government workloads, including CJI data. Law enforcement customers and partners who manage CJI are taking advantage […]

Read More