AWS Security Blog

Tag: Well-Architected

Hardening the security of your AWS Elastic Beanstalk Application the Well-Architected way

Hardening the security of your AWS Elastic Beanstalk Application the Well-Architected way

April 7, 2022: This post has been updated with sample Elastic Beanstalk application with hardened security configurations on GitHub. Launching an application in AWS Elastic Beanstalk is straightforward. You define a name for your application, select the platform you want to run it on (for example, Ruby), and upload the source code. The default Elastic Beanstalk configuration […]

Read More

Optimizing cloud governance on AWS: Integrating the NIST Cybersecurity Framework, AWS Cloud Adoption Framework, and AWS Well-Architected

Your approach to security governance, risk management, and compliance can be an enabler to digital transformation and business agility. As more organizations progress in their digital transformation journey—empowered by cloud computing—security organizations and processes cannot simply participate, they must lead in that transformation. Today, many customers establish a security foundation using technology-agnostic risk management frameworks—such […]

Read More

How to implement the principle of least privilege with CloudFormation StackSets

March 24, 2021: We’ve corrected errors in the policy statements in steps 2 and 3 of the section “To create the IAM policy document.” AWS CloudFormation is a service that lets you create a collection of related Amazon Web Services and third-party resources and provision them in an orderly and predictable fashion. A typical access […]

Read More

Techniques for writing least privilege IAM policies

December 4, 2020: We’ve updated this post to use s3:CreateBucket to simplify the intro example, replaced figure 8 removing the IfExists reference, and clarified qualifier information in the example. In this post, I’m going to share two techniques I’ve used to write least privilege AWS Identity and Access Management (IAM) policies. If you’re not familiar […]

Read More

AWS Security Profiles: Greg McConnel, Senior Manager, Security Specialists Team

In the weeks leading up to re:Invent 2019, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current […]

Read More

Singapore financial services: new resources for customer side of the shared responsibility model

Based on customer feedback, we’ve updated our AWS User Guide to Financial Services Regulations and Guidelines in Singapore whitepaper, as well as our AWS Monetary Authority of Singapore Technology Risk Management Guidelines (MAS TRM Guidelines) Workbook, which is available for download via AWS Artifact. Both resources now include considerations and best practices for the customer […]

Read More