Tag: Security Blog

Update on February 20, 2019: We updated the policy example to remove the “iam:AttachRolePolicy” permission. We also added a reference to the permissions boundaries security blog post to show how to grant developers the permissions to create roles they can pass to AWS services. We made it easier for you to comply with regulatory standards […]

Oct 3, 2019: We’ve updated a sentence to clarify that AWS services can be used in compliance with GDPR. Security is our top priority at AWS, and from the beginning we have built security into the fabric of our services. With the introduction of GDPR (which becomes enforceable on May 25 of 2018), privacy and […]

Good news for cloud security experts: the AWS Certified Security — Specialty exam is here. This new exam allows experienced cloud security professionals to demonstrate and validate their knowledge of how to secure the AWS platform. About the exam The security exam covers incident response, logging and monitoring, infrastructure security, identity and access management, and […]

Feb 17, 2025: This blog post references AWS CloudHSM Client SDK 3, which is no longer the recommended version. AWS recommends that you use the latest version, AWS CloudHSM Client SDK 5, which provides updated functionality and commands. We are currently working on an updated blog post for CloudHSM Client SDK 5. See the AWS […]

October 29, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. Amazon Elastic Block Store (EBS) offers an encryption solution for your Amazon EBS volumes so […]

Amazon Simple Notification Service (SNS) now supports VPC Endpoints (VPCE) via AWS PrivateLink. You can use VPC Endpoints to privately publish messages to SNS topics, from an Amazon Virtual Private Cloud (VPC), without traversing the public internet. When you use AWS PrivateLink, you don’t need to set up an Internet Gateway (IGW), Network Address Translation […]

  Update from April 24, 2018: On April 24, 2018, we updated ACM to publish certificates to CT logs on issuance and on renewal, unless you disable Certificate Transparency logging. No action from you is required if you want ACM to publish your certificates to Certificate Transparency logs, which will avoid Google Chrome displaying error […]

August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. Recently, we launched AWS Secrets Manager, a service that makes it easier to rotate, manage, […]

June 15, 2020: This blog is out of date. Please refer here for the updated info: https://aws.amazon.com/blogs/aws/new-enhanced-amazon-macie-now-available/ In this post, I’ll show you how to create a sample dataset for Amazon Macie, and how you can use Amazon Macie to implement data-centric compliance and security analytics in your Amazon S3 environment. I’ll also dive into […]

You can always view and manage your Amazon GuardDuty findings on the Findings page in the GuardDuty console or by using GuardDuty APIs with the AWS CLI or SDK. But there’s a quicker and easier way, you can use Amazon Alexa as a conversational interface to review your GuardDuty findings. With Alexa, you can build […]