AWS Security Blog
Tag: AWS Lambda
Continuously monitor unused IAM roles with AWS Config
February 19, 2024: You can now use IAM Access Analyzer to easily identify unused roles. Read this blog post to learn more. January 6, 2021: We updated this post to fix a bug related to allow listing noncompliant roles. January 6, 2020: We updated this post to reflect a valid STS session duration if configured […]
Tips for building a cloud security operating model in the financial services industry
My team helps financial services customers understand how AWS services operate so that you can incorporate AWS into your existing processes and security operations centers (SOCs). As soon as you create your first AWS account for your organization, you’re live in the cloud. So, from day one, you should be equipped with certain information: you […]
How to securely provide database credentials to Lambda functions by using AWS Secrets Manager
April 29, 2022: This post has been updated based on working backwards from a customer need to securely allow access and use of Amazon RDS database credentials from a AWS Lambda function. In this blog post, we will show you how to use AWS Secrets Manager to secure your database credentials and send them to […]
How to Use AWS Config to Monitor for and Respond to Amazon S3 Buckets Allowing Public Access
AWS Config enables continuous monitoring of your AWS resources, making it simple to assess, audit, and record resource configurations and changes. AWS Config does this through the use of rules that define the desired configuration state of your AWS resources. AWS Config provides a number of AWS managed rules that address a wide range of […]
AWS Adds 12 More Services to Its PCI DSS Compliance Program
Twelve more AWS services have obtained Payment Card Industry Data Security Standard (PCI DSS) compliance, giving you more options, flexibility, and functionality to process and store sensitive payment card data in the AWS Cloud. The services were audited by Coalfire to ensure that they meet strict PCI DSS standards. The newly compliant AWS services are: […]
How to Visualize and Refine Your Network’s Security by Adding Security Group IDs to Your VPC Flow Logs
September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. August 31, 2020: The directions in this blog post for how to create an Amazon ES cluster have been updated. February 28, 2019: The features and services described in this post have changed since the post was published and the […]
How to Remediate Amazon Inspector Security Findings Automatically
May 31, 2022: The updated blog post is available here. June 18, 2020: This solution no longer works, and the Lambda runtime this code is relying on has been deprecated. When we have an updated blog, we’ll add a link to it here. Updated on November 27, 2018: We added a policy to the instructions […]
How to Simplify Security Assessment Setup Using Amazon EC2 Systems Manager and Amazon Inspector
August 15, 2021: This blog post is under construction. Please refer back to this post in a day or two for the most accurate and helpful information. In a July 2016 AWS Blog post, I discussed how to integrate Amazon Inspector with third-party ticketing systems by using Amazon Simple Notification Service (SNS) and AWS Lambda. […]
The Most Viewed AWS Security Blog Posts in 2016
September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. The following 10 posts were the most viewed AWS Security Blog posts that we published during 2016. You can use this list as a guide to catch up on your blog reading or even read a post again that you […]
Now Available: Videos from re:Invent 2016 Security and Compliance Sessions
Whether you want to review a Security and Compliance track session you attended at AWS re:Invent 2016 or you want to experience a session for the first time, videos from the Security and Compliance track and re:Source Mini Con for Security Services are now available. Note: Slide decks also will be available in the coming […]