Tag: Security

Today’s applications collect a lot of data from customers. The data often includes personally identifiable information (PII), that must be protected in compliance with data privacy laws such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). Modern business applications require fast and reliable access to customer data, and Amazon […]

AWS re:Invent drew 52,000 attendees from across the globe to Las Vegas, Nevada, November 27 to December 1, 2023. Now in its 12th year, the conference featured 5 keynotes, 17 innovation talks, and over 2,250 sessions and hands-on labs offering immersive learning and networking opportunities. Amazon CSO Stephen Schmidt With dozens of service and feature […]

In this post, we show you how to apply attribute-based access control (ABAC) while you store and manage your Amazon Elastic Kubernetes Services (Amazon EKS) workload secrets in AWS Secrets Manager, and then retrieve them by integrating Secrets Manager with Amazon EKS using External Secrets Operator to define more fine-grained and dynamic AWS Identity and […]

Amazon Web Services is pleased to announce that the AWS US East (Ohio) and Europe (Paris) Regions have been recertified through October 2024 by the GSM Association (GSMA) under its Security Accreditation Scheme for Subscription Management (SAS-SM) with scope Data Centre Operations and Management (DCOM). The US East (Ohio) Region first obtained GSMA certification in […]

AWS Signer is a fully managed code-signing service to help ensure the trust and integrity of your code. It helps you verify that the code comes from a trusted source and that an unauthorized party has not accessed it. AWS Signer manages code signing certificates and public and private keys, which can reduce the overhead […]

Amazon Web Services (AWS) is pleased to announce the successful renewal of the AWS CyberGRX cyber risk assessment report. This third-party validated report helps customers perform effective cloud supplier due diligence on AWS and enhances customers’ third-party risk management process. With the increase in adoption of cloud products and services across multiple sectors and industries, AWS has become a critical […]

December 12, 2023: We’ve updated this post to clarify that you can use both sts:audit_context and sts:identity_context can be used to create an identity-enhanced session. AWS Identity and Access Management (IAM) roles are a powerful way to manage permissions to resources in the Amazon Web Services (AWS) Cloud. IAM roles are useful when granting permissions […]

As organizations expand their Amazon Web Services (AWS) environment and migrate workloads to the cloud, they find themselves dealing with many AWS Identity and Access Management (IAM) roles and policies. These roles and policies multiply because IAM fills a crucial role in securing and controlling access to AWS resources. Imagine you have a team creating […]

February 29, 2024: This post has been updated to include the account instances opt-in feature supported for member accounts in AWS Organizations. November 28, 2023: This blog has been updated to include Identity Center instances deployment patterns. November 22, 2023: We updated the information about account instances of Identity Center availability. Recently, AWS launched a […]

February 7, 2024: This post has been updated to reflect the the CloudFormation changes for AWS Cloud9 instances requiring an ImageId for deployment as of December 4th 2023. Refer to the AWS Cloud9 documentation for further details. Early-feedback loops exist to provide developers with ongoing feedback through automated checks. This enables developers to take early […]