AWS Security Blog

Tag: AWS IAM

Test Resource-Level Permissions Using the IAM Policy Simulator

To make it easier for you to test, verify, and understand resource-level permissions in your account, the AWS Identity and Access Management (IAM) policy simulator will now automatically provide a list of resources and parameters required for each AWS action. These enhancements provide you with more accurate simulation results and help ensure that your policies […]

Read More

New Tabbed Organization of Your Resources in the IAM Console

Today, AWS Identity and Access Management (IAM) enhanced the IAM console user interface to make it easier to view details about your users, groups, roles, and policies (“IAM entities”). The detail pages for these IAM entities now are organized with tabs for easier browsing so that you can quickly switch between them with minimal scrolling. […]

Read More

Now Available: Videos and Slide Decks from the re:Invent 2015 Security and Compliance Track

Whether you want to review a Security and Compliance track session you attended at re:Invent 2015, or you want to experience a session for the first time, videos and slide decks from the Security and Compliance track are now available. SEC201: AWS Security State of the Union: How Should We All Think About Security? Video Slide […]

Read More

Learn About the Rest of the Security and Compliance Track Sessions Being Offered at re:Invent 2015

Previously, I mentioned that the re:Invent 2015 Security & Compliance track sessions had been announced, and I also discussed the AWS Identity and Access Management (IAM) sessions that will be offered as part of the Security & Compliance track. Today, I will highlight the remainder of the sessions that will be presented as part of the […]

Read More

How to Help Lock Down a User’s Amazon EC2 Capabilities to a Single VPC

As a cloud support engineer, I am frequently asked this question: “How can I lock down my user’s Amazon EC2 access to a single VPC?” This blog post will answer the question and explain how you can help control this level of access through the use of AWS Identity and Access Management (IAM) policies and […]

Read More

Use AWS Services to Adhere to Security Best Practices—Minus the Inordinate Time Investment

As security professionals, it is our job to be sure that our decisions adhere to best practices. Best practices, though, tend to be time consuming, which means we either don’t get around to following best practices, or we spend too much time on tedious, manual tasks. This blog post includes two examples where AWS services […]

Read More

How to Delegate Management of Multi-Factor Authentication to AWS IAM Users

Note from September 20, 2017: Based on customer feedback, we have moved the process outlined in this post to the official AWS documentation. AWS Identity and Access Management (IAM) has a list of best practices that you are encouraged to use. One of those best practices is to enable multi-factor authentication (MFA) for your AWS root […]

Read More