AWS Security Blog

Tag: X.509

How to use ACM Private CA for enabling mTLS in AWS App Mesh

Securing east-west traffic in service meshes, such as AWS App Mesh, by using mutual Transport Layer Security (mTLS) adds an additional layer of defense beyond perimeter control. mTLS adds bidirectional peer-to-peer authentication on top of the one-way authentication in normal TLS. This is done by adding a client-side certificate during the TLS handshake, through which […]

Read More

How to Eliminate the Need for Hardcoded AWS Credentials in Devices by Using the AWS IoT Credentials Provider

August 31, 2021: AWS IoT Core Credential Provider enables customers to request temporary, limited-privilege security tokens that are valid up to 12 hours and use the tokens to sign and authenticate any AWS request. Until now, the AWS IoT Core Credential Provider issued security tokens that were valid up to 1 hour only. Now with […]

Read More