AWS Security Blog
Tag: AWS Identity and Access Management
How to use service control policies to set permission guardrails across accounts in your AWS Organization
AWS Organizations provides central governance and management for multiple accounts. Central security administrators use service control policies (SCPs) with AWS Organizations to establish controls that all IAM principals (users and roles) adhere to. Now, you can use SCPs to set permission guardrails with the fine-grained control supported in the AWS Identity and Access Management (IAM) […]
Read MoreDelegate permission management to developers by using IAM permissions boundaries
Today, AWS released a new IAM feature that makes it easier for you to delegate permissions management to trusted employees. As your organization grows, you might want to allow trusted employees to configure and manage IAM permissions to help your organization scale permission management and move workloads to AWS faster. For example, you might want […]
Read MoreHow to Eliminate the Need for Hardcoded AWS Credentials in Devices by Using the AWS IoT Credentials Provider
August 31, 2021: AWS IoT Core Credential Provider enables customers to request temporary, limited-privilege security tokens that are valid up to 12 hours and use the tokens to sign and authenticate any AWS request. Until now, the AWS IoT Core Credential Provider issued security tokens that were valid up to 1 hour only. Now with […]
Read MorePreparing for AWS Certificate Manager (ACM) Support of Certificate Transparency
Update from April 24, 2018: On April 24, 2018, we updated ACM to publish certificates to CT logs on issuance and on renewal, unless you disable Certificate Transparency logging. No action from you is required if you want ACM to publish your certificates to Certificate Transparency logs, which will avoid Google Chrome displaying error […]
Read More