PGLinks

https://aws.amazon.com/blogs/security/aws-single-sign-on-now-enables-command-line-interface-access-for-aws-accounts-using-corporate-credentials/?sc_channel=sm&sc_campaign=AWS_Security&sc_publisher=TWITTER&sc_country=Security%20&%20Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=security_blog_sso&linkId=50708343

May 23, 2022: This blog post is out of date. Please refer here for current info: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html September 12, 2022: This blog post has been updated to reflect the new name of AWS Single Sign-On (SSO) – AWS IAM Identity Center. Read more about the name change here. Today, AWS made it easier to use […]

amazon authentication aws cli sso

Added 1 month ago

https://aws.amazon.com/blogs/security/create-fine-grained-session-permissions-using-iam-managed-policies/?sc_channel=sm&sc_campaign=AWSSecurity_Blog&sc_publisher=TWITTER&sc_country=Security+%26+Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=security_blog_fine_grained_IAM_TWITTER&sc_content=security_blog_fine_grained_IAM&linkId=67337463

As a security best practice, AWS Identity and Access Management (IAM) recommends that you use temporary security credentials from AWS Security Token Service (STS) when you access your AWS resources. Temporary credentials are short-term credentials generated dynamically and provided to the user upon request. Today, one of the most widely used mechanisms for requesting temporary […]

amazon aws security

Added 1 month ago

https://aws.amazon.com/blogs/security/delegate-permission-management-to-developers-using-iam-permissions-boundaries/?sc_channel=sm&sc_campaign=AWS_Security&sc_publisher=TWITTER&sc_country=Security%20&%20Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=security_blog_delegate_permission&linkId=54227051

Today, AWS released a new IAM feature that makes it easier for you to delegate permissions management to trusted employees. As your organization grows, you might want to allow trusted employees to configure and manage IAM permissions to help your organization scale permission management and move workloads to AWS faster. For example, you might want […]

aws permissions security

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-automate-saml-federation-to-multiple-aws-accounts-from-microsoft-azure-active-directory/?sc_channel=sm&sc_publisher=TWITTER&sc_country=Security+%26+Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=security_blog_automate_SAML_federation&linkId=62627605

September 12, 2022: This blog post has been updated to reflect the new name of AWS Single Sign-On (SSO) – AWS IAM Identity Center. Read more about the name change here. December 2, 2019: Since the author wrote this post, AWS Single Sign On (AWS IAM Identity Center) has launched native features that simplify using […]

authentication aws integration saml security

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-build-a-multi-region-aws-security-hub-analytic-pipeline/?sc_channel=sm&sc_campaign=AWSSecurity_Blog&sc_publisher=TWITTER&sc_country=Security&sc_geo=GLOBAL&sc_outcome=awareness&trk=AWSSecurity_Blog_TWITTER&s=09

AWS Security Hub is a service that gives you aggregated visibility into your security and compliance posture across multiple Amazon Web Services (AWS) accounts. By joining Security Hub with Amazon QuickSight—a scalable, serverless, embeddable, machine learning-powered business intelligence (BI) service built for the cloud—your senior leaders and decision-makers can use dashboards to empower data-driven decisions […]

analysing aws security visualisation

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-centralize-and-automate-iam-policy-creation-in-sandbox-development-and-test-environments/?sc_channel=sm&sc_publisher=TWITTER&sc_country=Security+%26+Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=security_blog_centralize_automate_IAM&linkId=62045363

To keep pace with AWS innovation, many customers allow their application teams to experiment with AWS services in sandbox environments as they move toward production-ready architecture. These teams need timely access to various sets of AWS services and resources, which means they also need a mechanism to help ensure least privilege is granted. In other […]

aws iam security testing

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-centralize-dns-management-in-a-multi-account-environment/?sc_channel=sm&sc_campaign=AWS_Security&sc_publisher=TWITTER&sc_country=Security%20&%20Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=security_blog_directory_service&linkId=51000854

Note from June 5, 2019: The approach and architecture in this post is recommended if you prefer more control over DNS servers or prefer to use AWS Managed Active Directory for DNS resolution, however there are some limitations to this approach and we added a “Limitations and additional considerations” section to this post to describe […]

amazon aws dns multi-account

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-create-custom-alerts-with-amazon-macie/?sc_channel=sm&sc_campaign=AWS_Security&sc_publisher=TWITTER&sc_country=Security%20&%20Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=security_blog_macie_custom_alerts&linkId=52705999

June 15, 2020: This blog is out of date. Please refer here for the updated info: https://aws.amazon.com/blogs/aws/new-enhanced-amazon-macie-now-available/ Amazon Macie is a security service that makes it easy for you to discover, classify, and protect sensitive data in Amazon Simple Storage Service (Amazon S3). Macie collects AWS CloudTrail events and Amazon S3 metadata such as permissions […]

amazon aws macie security

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-delegate-administration-of-your-aws-managed-microsoft-ad-directory-to-your-on-premises-active-directory-users/?sc_channel=sm&sc_campaign=AWS_Security&sc_publisher=TWITTER&sc_country=Security%20&%20Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=security_blog_delegate_admin_msft_ad_on_prem&linkId=48982350

You can now enable your on-premises users administer your AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD. Using an Active Directory (AD) trust and the new AWS delegated AD security groups, you can grant administrative permissions to your on-premises users by managing group membership in your on-premises AD directory. […]

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-encrypt-and-decrypt-your-data-with-the-aws-encryption-cli/?sc_channel=sm&sc_campaign=AWS_Security&sc_publisher=TWITTER&sc_country=Security%20&%20Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=awsencryptioncli&sc_category=AWS_Identity_and_Access_Management&linkId=44937334

August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info You can now encrypt and decrypt your data at the command line and in scripts—no […]

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-manage-amazon-guardduty-security-findings-across-multiple-accounts/?sc_channel=sm&sc_campaign=AWS_Security&sc_publisher=TWITTER&sc_country=Security%20&%20Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=security_blog_guard_duty_multiple_accounts&linkId=50540054

September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. Introduced at AWS re:Invent 2017, Amazon GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads. In an AWS Blog post, Jeff Barr shows you how to […]

amazon aws security

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-use-aws-config-to-monitor-for-and-respond-to-amazon-s3-buckets-allowing-public-access/?sc_channel=sm&sc_campaign=AWS_Security&sc_publisher=TWITTER&sc_country=Security%20&%20Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=security_blog_AWS-Config-monitoring-tweet-2&linkId=51888090

AWS Config enables continuous monitoring of your AWS resources, making it simple to assess, audit, and record resource configurations and changes. AWS Config does this through the use of rules that define the desired configuration state of your AWS resources. AWS Config provides a number of AWS managed rules that address a wide range of […]

amazon aws compliance monitoring security

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-use-aws-secrets-configuration-provider-with-kubernetes-secrets-store-csi-driver/?sc_channel=sm&sc_campaign=AWSSecurity_Encryption&sc_publisher=TWITTER&sc_country=Security&sc_geo=GLOBAL&sc_outcome=awareness&trk=AWSSecurity_Blog_TWITTER&linkId=119175714&s=09

January 2, 2024: We’ve updated this post to include the new failover Region feature. April 29, 2021: We’ve updated the order of the commands in Step 1. April 23, 2021: We’ve updated the commands in Steps 1 and 5 and in the “Additional Features” section. Using AWS Secrets Manager, you can more securely retrieve secrets […]

k8s passwords security

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-use-kms-and-iam-to-enable-independent-security-controls-for-encrypted-data-in-s3/?sc_channel=sm&sc_campaign=AWSSecurity_Services&sc_publisher=TWITTER&sc_country=Security&sc_outcome=adoption&trk=AWSSecurity_Services_TWITTER&linkId=82078481

August 31, 2021:AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. Typically, when you protect data in Amazon Simple Storage Service (Amazon S3), you use a combination […]

aws encryption s3 security

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-use-service-control-policies-in-aws-organizations/

January 20, 2020: Based on customer feedback, we rephrased the fourth goal in the “An example structure with nested OUs and SCPs” section to try to improve clarity. With AWS Organizations, you can centrally manage policies across multiple AWS accounts without having to use custom scripts and manual processes. For example, you can apply service […]

amazon authentication aws security

Added 1 month ago

https://aws.amazon.com/blogs/security/how-to-verify-aws-kms-asymmetric-key-signatures-locally-with-openssl/?sc_channel=sm&sc_campaign=AWSSecurity_Services&sc_publisher=TWITTER&sc_country=Security&sc_geo=GLOBAL&sc_outcome=adoption&trk=AWSSecurity_Services_TWITTER&linkId=86699220

August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. In this post, I demonstrate a sample workflow for generating a digital signature within AWS […]

aws certificates key security

Added 1 month ago

https://aws.amazon.com/blogs/security/introducing-aws-single-sign-on/?sc_channel=sm&sc_campaign=AWS_Security&sc_publisher=TWITTER&sc_country=Security%20&%20Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=awssso&sc_category=AWS_Identity_and_Access_Management&linkId=46975058

September 12, 2022: This blog post has been updated to reflect the new name of AWS Single Sign-On (SSO) – AWS IAM Identity Center. Read more about the name change here. Today, AWS introduced AWS IAM Identity Center (AWS IAM Identity Center), a service that makes it easy for you to centrally manage IAM Identity […]

amazon authentication aws saml security sso

Added 1 month ago

https://aws.amazon.com/blogs/security/introducing-the-aws-security-incident-response-whitepaper/?sc_channel=sm&sc_campaign=AWSSecurity_Blog&sc_publisher=TWITTER&sc_country=Security+%26+Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=security_blog_incident_response_whitepaper_TWITTER&sc_content=security_blog_incident_response_whitepaper&linkId=69462957

April 25, 2023: We’ve updated this blog post to include more security learning resources. AWS recently released the AWS Security Incident Response whitepaper, to help you understand the fundamentals of responding to security incidents within your cloud environment. The whitepaper reviews how to prepare your organization for detecting and responding to security incidents, explores the […]

aws security whitepaper

Added 1 month ago

https://aws.amazon.com/blogs/security/understanding-aws-cloudhsm-cluster-synchronization/?sc_channel=sm&sc_campaign=AWS_Security&sc_publisher=TWITTER&sc_country=Security%20&%20Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=security_blog_cloudhsm&linkId=50579720

Feb 17, 2025: This blog post references AWS CloudHSM Client SDK 3, which is no longer the recommended version. AWS recommends that you use the latest version, AWS CloudHSM Client SDK 5, which provides updated functionality and commands. We are currently working on an updated blog post for CloudHSM Client SDK 5. See the AWS […]

amazon aws encryption hardware security modules security

Added 1 month ago

https://aws.amazon.com/blogs/security/visualizing-amazon-guardduty-findings/?sc_channel=sm&sc_campaign=AWS_Security&sc_publisher=TWITTER&sc_country=Security%20&%20Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=security_blog_visualize_GuardDuty&linkId=56505852

September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. Amazon GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help protect your AWS accounts and workloads. Enable GuardDuty and it begins monitoring for: Anomalous API activity Potentially unauthorized deployments and compromised instances […]

aws security visualisation

Added 1 month ago

https://aws.amazon.com/compliance/gdpr-center/?sc_channel=sm&sc_campaign=AWS_Security&sc_publisher=TWITTER&sc_country=Security%20&%20Identity&sc_geo=GLOBAL&sc_outcome=awareness&trk=_TWITTER&sc_content=security_blog_gdpr_center&linkId=50238985

amazon aws regulations security

Added 1 month ago

https://aws.amazon.com/documentation/

amazon aws documentation

Added 1 month ago

https://blog.cryptoaustralia.org.au/2017/11/15/favourite-block-lists-cryptoaustralia/

malware privacy security

Added 1 month ago

https://blog.docker.com/2018/12/simplifying-kubernetes-with-docker-compose-and-friends/

This year at Microsoft Build, Docker will blend developer experience, security, and AI innovation with our latest product announcements. Whether you attend in person at the Seattle Convention Center or tune in online, you’ll see how Docker is redefining the way teams build, secure, and scale modern applications. Docker’s Vision for Developers At Microsoft Build...

docker k8s

Added 1 month ago