AWS Certificate Manager (ACM) is a managed service that you can use to provision, manage, and deploy public and private TLS certificates for use with Elastic Load Balancing (ELB), Amazon CloudFront, Amazon API Gateway, and other integrated AWS services. Starting August…
Category: AWS Security Blog
Access AWS services programmatically using trusted identity propagation
With the introduction of trusted identity propagation, applications can now propagate a user’s workforce identity from their identity provider (IdP) to applications running in Amazon Web Services (AWS) and to storage services backing those applications, such as Amazon Simple Storage…
CISPE Data Protection Code of Conduct Public Register now has 113 compliant AWS services
We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce that 113 services are now certified as compliant with the Cloud Infrastructure Services Providers in Europe (CISPE) Data Protection Code of Conduct. This alignment…
AWS HITRUST Shared Responsibility Matrix v1.4.3 for HITRUST CSF v11.3 now available
The latest version of the AWS HITRUST Shared Responsibility Matrix (SRM)—SRM version 1.4.3—is now available. To request a copy, choose SRM version 1.4.3 from the HITRUST website. SRM version 1.4.3 adds support for the HITRUST Common Security Framework (CSF) v11.3…
SaaS tenant isolation with ABAC using AWS STS support for tags in JWT
As independent software vendors (ISVs) shift to a multi-tenant software-as-a-service (SaaS) model, they commonly adopt a shared infrastructure model to achieve cost and operational efficiency. The more ISVs move into a multi-tenant model, the more concern they may have about…
How to create a pipeline for hardening Amazon EKS nodes and automate updates
Amazon Elastic Kubernetes Service (Amazon EKS) offers a powerful, Kubernetes-certified service to build, secure, operate, and maintain Kubernetes clusters on Amazon Web Services (AWS). It integrates seamlessly with key AWS services such as Amazon CloudWatch, Amazon EC2 Auto Scaling, and…
AWS completes Police-Assured Secure Facilities (PASF) audit in the Europe (London) Region
We’re excited to announce that our Europe (London) Region has renewed our accreditation for United Kingdom (UK) Police-Assured Secure Facilities (PASF) for Official-Sensitive data. Since 2017, the Amazon Web Services (AWS) Europe (London) Region has been assured under the PASF…
Implementing a compliance and reporting strategy for NIST SP 800-53 Rev. 5
Amazon Web Services (AWS) provides tools that simplify automation and monitoring for compliance with security standards, such as the NIST SP 800-53 Rev. 5 Operational Best Practices. Organizations can set preventative and proactive controls to help ensure that noncompliant resources…
Passkeys enhance security and usability as AWS expands MFA requirements
Amazon Web Services (AWS) is designed to be the most secure place for customers to run their workloads. From day one, we pioneered secure by design and secure by default practices in the cloud. Today, we’re taking another step to…
How to securely transfer files with presigned URLs
Securely sharing large files and providing controlled access to private data are strategic imperatives for modern organizations. In an era of distributed workforces and expanding digital landscapes, enabling efficient collaboration and information exchange is crucial for driving innovation, accelerating decision-making,…