Real-world solutions, announcements, and event coverage

AWS Security Blog

Learn how AWS security specialists look around corners, navigate technical issues, and support new capabilities.

Top posts

Top posts

Top posts

AWS Blogs Home »

Filters

Post type
Learning level
Related products

The latest

Showing results: 1-11
Total results: 1619
No blogs found matching that criteria.
  • Chris Betz, 03/13/2025
    Every day, I talk with security leaders who are navigating a critical balancing act. On one side, their organizations are moving faster than ever, adopting transformative technologies like generative AI and expanding their cloud footprint. On the other, they’re working to maintain strong security controls and visibility across an increasingly complex landscape. We all know [...]
  • Manuel Heinkel, Markus Kokott, 03/13/2025
    Containerization offers organizations significant benefits such as portability, scalability, and efficient resource utilization. However, managing access control and authorization for containerized workloads across diverse environments—from on-premises to multi-cloud setups—can be challenging. This blog post explores four architectural patterns that use Amazon Verified Permissions for application authorization in Kubernetes environments. Verified Permissions is a scalable permissions management and fine-grained [...]
  • Vishal Pabari, 03/05/2025
    We’re excited to announce that Amazon Web Services (AWS) has completed the annual Dubai Electronic Security Centre (DESC) certification audit to operate as a Tier 1 Cloud Service Provider (CSP) for the AWS Middle East (UAE) Region. This alignment with DESC requirements demonstrates our continued commitment to adhere to the heightened expectations for CSPs. Government [...]
  • Nimesh Ravasa, Chinmaee Parulekar, 03/01/2025
    Amazon Web Services (AWS) successfully completed an onboarding audit with no findings for ISO 9001:2015, 27001:2022, 27017:2015, 27018:2019, 27701:2019, 20000-1:2018, and 22301:2019, and Cloud Security Alliance (CSA) STAR Cloud Controls Matrix (CCM) v4.0. EY CertifyPoint auditors conducted the audit and reissued the certificates on February 19, 2025. The objective was to assess the level of [...]
  • Naranjan Goklani, James Kierstead, Michael Davie, 02/24/2025
    Organizations seeking to adhere to the Canadian Centre for Cyber Security (CCCS) Protected B High Value Assets (PBHVA) overlay requirements can use the Landing Zone Accelerator (LZA) on AWS solution with the CCCS Medium configuration to accelerate their compliance journey. To further support customers, AWS recently collaborated with Coalfire to assess and verify the LZA [...]
  • Anshu Bathla, Jay Goradia, 02/24/2025
    As your Amazon Web Services (AWS) environment grows, you might develop a need to grant cross-account access to resources. This could be for various reasons, such as enabling centralized operations across multiple AWS accounts, sharing resources across teams or projects within your organization, or integrating with third-party services. However, granting cross-account access requires careful consideration [...]
  • Varun Sharma, Nishant Mainro, Roshini Jagarapu, 02/24/2025
    February 26, 2025: We’ve updated this post to fix a typo in the code in Step 5 – Deploy your workload. Many customers want to seamlessly integrate their on-premises Kubernetes workloads with AWS services, implement hybrid workloads, or migrate to AWS. Previously, a common approach involved creating long-term access keys, which posed security risks and [...]
  • Mary Kay Sondecker, Jason Goode, Jesse Lepich, Michael Leighty, 02/21/2025
    AWS Network Firewall’s automated domain lists feature enhances network security by analyzing HTTP and HTTPS traffic patterns, providing visibility into domain usage, and simplifying the creation and management of outbound traffic controls through domain-based allowlisting.
  • Chris Craig, Laura Verghote, Ashwin Phadke, 02/14/2025
    February 14, 2025: This post was updated with the recommendation to restrict S3 bucket access to an IAM role by using the aws:PrincipalArn condition key instead of the aws:userid condition key. April 2, 2021: In the section “Granting cross-account bucket access to a specific IAM role,” we updated the second policy to fix an error. [...]
  • Ken Beer, 02/12/2025
    February 12, 2025: This post was republished to include new services and features that have launched since the original publication date of June 11, 2020. Encryption is a critical component of a defense-in-depth security strategy that uses multiple defensive mechanisms to protect workloads, data, and assets. As organizations look to innovate while building trust with [...]
  • Jonathan Jenkyn, Michael Tschannen, 02/11/2025
    Generative AI applications often involve a combination of various services and features—such as Amazon Bedrock and large language models (LLMs)—to generate content and to access potentially confidential data. This combination requires strong identity and access management controls and is special in the sense that those controls need to be applied on various levels. In this [...]