Tag: IAM

Rotate access keys regularly and remove inactive users. You’ve probably heard us mention these as two AWS Identity and Access Management (IAM) security best practices. But how do you know when access keys (for an IAM user or the root account) are no longer in use and safe to delete? To help you answer this […]

AWS Identity and Access Management (IAM) recently launched managed policies, which enable you to attach a single access control policy to multiple entities (IAM users, groups, and roles). Managed policies also give you precise, fine-grained control over how your users can manage policies and permissions for other entities. For example, you can control which managed […]

Earlier this month, we let you know that AWS Identity and Access Management (IAM) would be upgrading policy validation today (March 25, 2015) to help you ensure that your IAM policies match your intentions. This upgrade is now in effect for all IAM policies. Starting today, to save changes to your IAM policies, you must […]

On March 25, 2015, we will upgrade the Identity and Access Management (IAM) policy validation to help ensure that your policies reflect your intentions. Starting on this day, to save changes to policies, you must first ensure that your policies comply with the IAM policy grammar. Your existing policies will continue to work as they […]

Have you ever thought that authoring Identity and Access Management (IAM) policies would be easier if the JSON of your policies were automatically formatted? If so, you will be excited to hear you can now enable autoformatting for all your policies by simply selecting a single check box. In this blog post, I will show […]

Have you ever spent time searching for a syntax error—such as a missing comma—when editing an AWS Identity and Access Management (IAM) policy? If so, you will be happy to hear that AWS has made it easier for you to identify and correct such errors. To help you find the source of the errors, we’ve […]

Recently, AWS launched managed policies, which simplify policy management by enabling you to attach a single policy to multiple AWS Identity and Access Management (IAM) entities such as users, groups, and roles. When you update a managed policy, the permissions in that policy apply to every entity to which the managed policy is attached. We […]

AWS Key Management Service (KMS) is a managed service that makes it easy for you to create, control, rotate, and use your encryption keys in your applications. KMS allows you to create custom keys that other AWS Identity and Access Management (IAM) users and roles in your AWS account can use. You can also enable […]

AWS Security Token Service (STS), which enables your applications to request temporary security credentials, is now available in every AWS region. Previously, STS had only a single endpoint (https://sts.amazonaws.com), but now, there is an endpoint in every AWS region. By bringing STS to a region geographically closer to you, your applications and services can call […]

AWS recently announced a new feature of AWS Identity and Access Management (IAM): managed policies. Managed policies enable you to attach a single policy to multiple IAM users, groups, and roles (in this blog post referred to collectively as “IAM entities”). When you update a managed policy, the permissions in that policy apply to every […]