Tag: Best of 2018

September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. We covered a lot of ground in 2018: from GDPR to re:Inforce and numerous feature announcements, AWS GuardDuty deep-dives to SOC reports, automated reasoning explanations, and a series of interviews with AWS thought leaders. We’ve got big plans for 2019, […]

Update: re:Inforce 2019 tickets are now available for purchase. You can learn more about the event here, and re:Inforce registration is now officially open! On the eve of re:Invent 2018, I’m pleased to announce that AWS is launching our first conference dedicated to cloud security: AWS re:Inforce. The event will offer a deep dive into the […]

Today, Bloomberg BusinessWeek published a story claiming that AWS was aware of modified hardware or malicious chips in SuperMicro motherboards in Elemental Media’s hardware at the time Amazon acquired Elemental in 2015, and that Amazon was aware of modified hardware or chips in AWS’s China Region. As we shared with Bloomberg BusinessWeek multiple times over […]

April 25, 2023: We’ve updated this blog post to include more security learning resources. Update on October 8, 2018: After we launched support for security devices manufactured by Yubico on September 25, 2018, we received feedback from customers to support other U2F security key providers, as well. Starting October 8, 2018, you can now enable […]

Today, we’re happy to announce that the AWS GDPR Data Processing Addendum(.pdf) is now part of our online Service Terms. This means all AWS customers globally can rely on the terms of the AWS GDPR DPA which will apply automatically from May 25, 2018, whenever they use AWS services to process personal data under the GDPR. The AWS […]

Update on February 20, 2019: We updated the policy example to remove the “iam:AttachRolePolicy” permission. We also added a reference to the permissions boundaries security blog post to show how to grant developers the permissions to create roles they can pass to AWS services. We made it easier for you to comply with regulatory standards […]

  Update from April 24, 2018: On April 24, 2018, we updated ACM to publish certificates to CT logs on issuance and on renewal, unless you disable Certificate Transparency logging. No action from you is required if you want ACM to publish your certificates to Certificate Transparency logs, which will avoid Google Chrome displaying error […]

Oct 3, 2019: We’ve updated a sentence to clarify that AWS services can be used in compliance with GDPR. Today, I’m very pleased to announce that all AWS services can be used in compliance with the General Data Protection Regulation (GDPR). This means that, in addition to benefiting from all of the measures that AWS […]

Amazon S3 provides comprehensive security and compliance capabilities that meet even the most stringent regulatory requirements. It gives you flexibility in the way you manage data for cost optimization, access control, and compliance. However, because the service is flexible, a user could accidentally configure buckets in a manner that is not secure. For example, let’s […]

September 12, 2022: This blog post has been updated to reflect the new name of AWS Single Sign-On (SSO) – AWS IAM Identity Center. Read more about the name change here. IAM Identity Center May 23, 2022: This blog post is out of date. Please refer here for current info: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html Today, AWS made it […]