AWS Security Blog

Tag: Amazon Elasticsearch Service

How to Visualize and Refine Your Network’s Security by Adding Security Group IDs to Your VPC Flow Logs

Note from July 11, 2017: In response to readers’ feedback, the author of this blog post has updated this post’s example code to provide more reliable handling of error scenarios, particularly in which the geographical lookup fails. Additionally, the author has added details about testing the example code by using Amazon Kinesis Data Generator. If you already […]

Read More

How to Monitor Host-Based Intrusion Detection System Alerts on Amazon EC2 Instances

To help you secure your AWS resources, we recommend that you adopt a layered approach that includes the use of preventative and detective controls. For example, incorporating host-based controls for your Amazon EC2 instances can restrict access and provide appropriate levels of visibility into system behaviors and access patterns. These controls often include a host-based […]

Read More

How to Control Access to Your Amazon Elasticsearch Service Domain

With the recent release of Amazon Elasticsearch Service (Amazon ES), you now can build applications without setting up and maintaining your own search cluster on Amazon EC2. One of the key benefits of using Amazon ES is that you can leverage AWS Identity and Access Management (IAM) to grant or deny access to your search […]

Read More

How to Optimize and Visualize Your Security Groups

Note: On May 3, 2017, we published a related blog post also written by Guy Denney, How to Visualize and Refine Your Network’s Security by Adding Security Group IDs to Your VPC Flow Logs. Many organizations start their journey with AWS by experimenting with existing applications. Those experiments may include trying to move an application to […]

Read More