Tag: Security Blog

Today, I’m happy to announce the completion of another successful Service Organization Controls (SOC) assessment. The AWS SOC program is an intense, period-in-time audit performed every six months. We have been releasing SOC Reports (or their SAS 70 predecessors) regularly since 2009, and we have, over the years, gradually built in more controls and added […]

Today, AWS introduced the preview of Short Message Service (SMS) support for multi-factor authentication (MFA), making it easier for you to implement a security best practice. Until now, you could enable MFA for AWS Identity and Access Management (IAM) users only with hardware or virtual MFA tokens, but this new feature enables you to use […]

My previous blog post on November 11, 2015, reported that we were preparing to activate AWS Security Token Service (STS) by default in all AWS regions. As of today, AWS STS is active by default in all AWS regions, for all customers. This means that your applications and services can immediately take advantage of reduced […]

We continually review your input submitted via the Feedback link on the AWS Identity and Access Management (IAM) console. Based on our recent review of that feedback, one of the features most frequently requested by you is the ability to search for an IAM user with their associated access key ID. To address this request […]

By the end of November 2015, AWS Security Token Service (STS) will be active by default in all AWS regions, which means that your applications and services can call AWS STS in a region geographically closer to you. This change will optimize latencies and improve application performance. Additionally, the multiregional resiliency provided by AWS STS […]

One of the most important and critical concepts in AWS Key Management Service (KMS) for advanced and secure data usage is EncryptionContext. Using EncryptionContext properly can help significantly improve the security of your applications. In this blog post, I will show the importance of EncryptionContext and will provide a simple example showing how you can […]

To make it easier for you to test, verify, and understand resource-level permissions in your account, the AWS Identity and Access Management (IAM) policy simulator will now automatically provide a list of resources and parameters required for each AWS action. These enhancements provide you with more accurate simulation results and help ensure that your policies […]

Today, AWS Identity and Access Management (IAM) enhanced the IAM console user interface to make it easier to view details about your users, groups, roles, and policies (“IAM entities”). The detail pages for these IAM entities now are organized with tabs for easier browsing so that you can quickly switch between them with minimal scrolling. […]

Today, AWS Identity and Access Management (IAM) made it easier to help you verify your permissions by adding support for resource-based policies in the IAM policy simulator. This extends the capabilities of the IAM policy simulator console and APIs to help you understand, test, and validate how your resource-based policies and IAM policies work together […]

Amazon WorkDocs (formerly Amazon Zocalo) is a fully managed, secure enterprise storage and sharing service that incorporates feedback capabilities to improve user productivity. You can comment on files, send them to others for feedback, and upload new versions without having to resort to emailing multiple versions of files as attachments. WorkDocs includes security features such […]