AWS Security Blog

Want Help with Securing Your AWS Account? Here Are Some Resources

Some customers have asked how they should be using AWS Identity and Access Management (IAM) to help limit their exposure to problems like those that have recently been in the news. In general, AWS recommends that you enable multi-factor authentication (MFA) for your AWS account and for IAM users who are allowed to perform sensitive […]

Read More

New in Amazon EMR: Support for Federated Users

AWS announced yesterday that Amazon Elastic MapReduce (EMR) added support for federated users. If you use Amazon EMR, you can now enable users to administer Amazon EMR clusters who are signed in to your corporate network using their corporate credentials—you no longer need to create IAM users for access to EMR. Up to now, federated […]

Read More

Federating Identity Management at Netflix with OneLogin

As one of our most active customers, Netflix has hundreds of administrators who need access to AWS daily. Therefore, by eliminating their need to use AWS credentials via identity federation, they saved time, money, and administrative effort almost immediately. They were able to use SAML and OneLogin, their existing identity management provider, to federate users […]

Read More

Granting Permission to Launch EC2 Instances with IAM Roles (PassRole Permission)

When you launch an Amazon EC2 instance, you can associate an AWS IAM role with the instance to give applications or CLI commands that run on the instance permissions that are defined by the role. When a role is associated with an instance, EC2 obtains temporary security credentials for the role you associated with the […]

Read More

With New ELB Permissions, Support for IAM in AWS Is Going Strong

The Elastic Load Balancing team announced on May 13, 2014 that they’ve added support for resource-level permissions. Not only can you specify which ELB actions a user can perform, you can specify which resources the user can perform those actions on. For more information about the new ELB permissions, see Controlling Access to Your Load […]

Read More

Some AWS SDKs Security Features You Should Know About

The AWS SDK team recently added and documented some security-related features that we think you shouldn’t miss. Check these out! Updates for managing access keys in the .NET and Java SDKs. In Referencing Credentials using Profiles, blogger Norm Johanson describes how you can now put a credentials file in your user folder. This great security […]

Read More

Encryption for EBS Volumes Can Help You with Security and Compliance

On May 21, AWS launched encryption for EBS volumes, a frequently requested feature, which can help you meet stricter security and encryption compliance requirements. You can now create an encrypted EBS volume and attach it to an EC2 instance. Data on the volume, disk I/O, and snapshots created from the volume are all encrypted. The […]

Read More