AWS Security Blog
Tag: Amazon Route 53
Simplify DNS management in a multi-account environment with Route 53 Resolver
September 27, 2021: In the section “Third use case,” we updated step 3 to improve clarity. April 15, 2021: In the section “Third use case,” we updated the diagram and steps for clarity. April 2, 2021: In the section “Step 1: Set up a centralized DNS account,” we updated step 4. June 5, 2019: We […]
Read MoreEnhanced Domain Protections for Amazon CloudFront Requests
Over the coming weeks, we’ll be adding enhanced domain protections to Amazon CloudFront. The short version is this: the new measures are designed to ensure that requests handled by CloudFront are handled on behalf of legitimate domain owners. Using CloudFront to receive traffic for a domain you aren’t authorized to use is already a violation […]
Read MoreHow to centralize DNS management in a multi-account environment
Note from June 5, 2019: The approach and architecture in this post is recommended if you prefer more control over DNS servers or prefer to use AWS Managed Active Directory for DNS resolution, however there are some limitations to this approach and we added a “Limitations and additional considerations” section to this post to describe […]
Read MoreEasier Certificate Validation Using DNS with AWS Certificate Manager
Secure Sockets Layer/Transport Layer Security (SSL/TLS) certificates are used to secure network communications and establish the identity of websites over the internet. Before issuing a certificate for your website, Amazon must validate that you control the domain name for your site. You can now use AWS Certificate Manager (ACM) Domain Name System (DNS) validation to […]
Read MoreNow You Can Use AWS Shield Advanced to Help Protect Your Amazon EC2 Instances and Network Load Balancers
Starting today, AWS Shield Advanced can help protect your Amazon EC2 instances and Network Load Balancers against infrastructure-layer Distributed Denial of Service (DDoS) attacks. Enable AWS Shield Advanced on an AWS Elastic IP address and attach the address to an internet-facing EC2 instance or Network Load Balancer. AWS Shield Advanced automatically detects the type of AWS resource behind the […]
Read MoreNow You Can Monitor DDoS Attack Trends with AWS Shield Advanced
AWS Shield Advanced has always notified you about DDoS attacks on your applications via the AWS Management Console and API as well as Amazon CloudWatch metrics. Today, we added the global threat environment dashboard to AWS Shield Advanced to allow you to view trends and metrics about DDoS attacks across Amazon CloudFront, Elastic Load Balancing, […]
Read MoreHow to Control TLS Ciphers in Your AWS Elastic Beanstalk Application by Using AWS CloudFormation
Securing data in transit is critical to the integrity of transactions on the Internet. Whether you log in to an account with your user name and password or give your credit card details to a retailer, you want your data protected as it travels across the Internet from place to place. One of the protocols […]
Read MoreHow to Help Protect Dynamic Web Applications Against DDoS Attacks by Using Amazon CloudFront and Amazon Route 53
Using a content delivery network (CDN) such as Amazon CloudFront to cache and serve static text and images or downloadable objects such as media files and documents is a common strategy to improve webpage load times, reduce network bandwidth costs, lessen the load on web servers, and mitigate distributed denial of service (DDoS) attacks. AWS […]
Read MoreHow to Protect Your Web Application Against DDoS Attacks by Using Amazon Route 53 and an External Content Delivery Network
Distributed Denial of Service (DDoS) attacks are attempts by a malicious actor to flood a network, system, or application with more traffic, connections, or requests than it is able to handle. To protect your web application against DDoS attacks, you can use AWS Shield, a DDoS protection service that AWS provides automatically to all AWS […]
Read MoreThe Most Viewed AWS Security Blog Posts in 2016
September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. The following 10 posts were the most viewed AWS Security Blog posts that we published during 2016. You can use this list as a guide to catch up on your blog reading or even read a post again that you […]
Read More