Tag: Encryption

Amazon ElastiCache for Redis now supports encryption for secure internode communications to help keep personally identifiable information (PII) safe. Both encryption in transit and at rest are supported. The new encryption in-transit feature enables you to encrypt all communications between clients and Redis servers as well as between Redis servers (primary and read replica nodes). […]

Note: The on-demand recording and deck from this Tech Talk are now available. As part of the AWS Online Tech Talks series, AWS will present CloudHSM – Secure, Scalable Key Storage in AWS on Wednesday, October 25. This tech talk will start at 9:00 A.M. Pacific Time and end at 9:40 A.M. Pacific Time. Applications handling confidential […]

March 18, 2024: We have made minor updates and clarifications based on customer feedback to the post. June 17, 2022: We simplified this post by removing all manual deployment processes and using only the Microsoft Public Key Infrastructure on AWS Quick Start. January 10, 2022: We’ve updated this post with various minor edits. March 29, […]

September 9, 2020: There’s an updated version of this blog here – https://aws.amazon.com/blogs/security/how-to-configure-ldaps-endpoint-for-simple-ad/. Simple AD, which is powered by Samba  4, supports basic Active Directory (AD) authentication features such as users, groups, and https://aws.amazon.com/blogs/security/how-to-configure-ldaps-endpoint-for-simple-ad/the ability to join domains. Simple AD also includes an integrated Lightweight Directory Access Protocol (LDAP) server. LDAP is a standard application […]

Today, the AWS Crypto Tools team introduced a new feature in the AWS Encryption SDK: data key caching. Data key caching lets you reuse the data keys that protect your data, instead of generating a new data key for each encryption operation. Data key caching can reduce latency, improve throughput, reduce cost, and help you […]

You can now use Amazon Simple Queue Service (SQS) to exchange sensitive data between applications using server-side encryption (SSE). SQS is a fully managed message queuing service for reliably communicating between distributed software components and microservices at any scale. You can use SQS to take advantage of the scale, cost, and operational benefits of a […]

September 8, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. The AWS Cryptography team is happy to announce a Python implementation of the AWS Encryption SDK. […]

April 25, 2023: We’ve updated this blog post to include more security learning resources. Note: By default, an instance type that includes an NVMe instance store encrypts data at rest using an XTS-AES-256 block cipher. See this FAQ about NVMe-supported instance types. If you’re using an NVMw instance type, then data at rest is encrypted […]

August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. An Amazon Machine Image (AMI) provides the information required to launch an instance (a virtual […]

In case you missed any AWS Security Blog posts from June, July, and August, they are summarized and linked to below. The posts are shown in reverse chronological order (most recent first), and the subject matter ranges from a tagging limit increase to recording SSH sessions established through a bastion host. August August 16: Updated […]