Category: Security, Identity, & Compliance
Automating IAM Policy Validation for AWS CloudFormation and GitHub Actions
by Alex Johnson
on 30 AUG 2023
in: Advanced (300), Best Practices, Security, Identity, & Compliance, Technical How-to
On April 15, 2024, AWS introduced two new GitHub Actions designed to streamline some processes discussed in this article. For further insights into these new GitHub actions tailored for AWS CloudFormation and HashiCorp’s Terraform, check out this additional blog post. Here, I will guide you through automating the validation of AWS IAM policies effectively.
Leveraging Machine Learning Insights for Amazon Security Lake
by Sarah Thompson and Mark Lee
on 29 AUG 2023
in: Advanced (300), Best Practices, Security, Identity, & Compliance, Technical How-to
Amazon Security Lake simplifies the aggregation of security logs and events from various AWS and third-party sources. As the volume of security data grows, pinpointing what to prioritize can become overwhelming. You can utilize AWS services such as Amazon QuickSight, Amazon OpenSearch, and more to derive meaningful insights from your data.
Enhancing Security Investigations with Detective Finding Group Visualizations
by Emma Clark and David Brown
on 29 AUG 2023
in: Amazon Detective, Amazon GuardDuty, Amazon Inspector, AWS Security Hub, Intermediate (200), Security, Identity, & Compliance, Technical How-to
Many customers express a desire for broader security coverage across the AWS services they utilize. Unfortunately, alert fatigue is a prevalent issue that arises as we enhance security measures. This post discusses how to operationalize and prioritize alerts that truly pose a risk.
Introducing AWS Digital Sovereignty Pledge: New Dedicated Infrastructure Options
by Ethan Green
on 23 AUG 2023
in: Foundational (100), Security, Identity, & Compliance, Thought Leadership
At AWS, we are dedicated to assisting customers in meeting their digital sovereignty requirements. Last year, I introduced the AWS Digital Sovereignty Pledge, which ensures that all AWS customers have access to the most advanced sovereignty controls and features available in the cloud.
Designing Cedar: An Intuitive, Fast, and Secure Authorization Language
by Rachel Adams
on 21 AUG 2023
in: Advanced (300), Amazon Verified Permissions, Security, Identity, & Compliance, Technical How-to
This entry delves into the design principles of Cedar, an open-source language for formulating and assessing authorization policies. By utilizing Cedar, you can manage access to your application’s resources in a modular and reusable manner. The Cedar policies articulate your application’s permissions, allowing the authorization engine to determine access decisions.
Launching a Landing Zone for the Baseline Informatiebeveiliging Overheid (BIO)
by Michael Carter, Lisa Wong, and Jane Smith
on 21 AUG 2023
in: Announcements, Foundational (100), Security, Identity, & Compliance
We’re excited to announce the launch of a Landing Zone tailored for the Baseline Informatiebeveiliging Overheid (BIO) framework, aiding our Dutch customers in meeting their compliance requirements. We have also achieved compliance with the BIO Thema-uitwerking Clouddiensten, reinforcing our commitment to adhere to regulatory standards.
Establishing the Security Guardians Program: Distributing Security Ownership
by Olivia Martin and Tom Taylor
on 18 AUG 2023
in: Best Practices, Intermediate (200), Security, Identity, & Compliance, Thought Leadership
Product security teams play an essential role in ensuring that new services and features are securely developed and released to customers. However, these teams can become bottlenecks if scaling to support expanding product development teams proves challenging.
Connecting Your On-Premises Active Directory to AWS Using AD Connector
by Brian Wilson, Angela Chen, and Chris Martinez
on 17 AUG 2023
in: Advanced (300), AWS Directory Service, How-To, Security, Identity, & Compliance
As of August 17, 2023, we’ve updated the instructions and visuals in this post to reflect recent changes in the AWS Management Console. Additionally, we’ve incorporated more security learning resources. AD Connector is a convenient solution for establishing a trusted relationship between your Active Directory and AWS.
Automating Permission Review and Validation for AWS IAM Identity Center
by Kevin White, Michelle Yang, and Jason Lee
on 16 AUG 2023
in: Advanced (300), AWS IAM Identity Center, Security, Identity, & Compliance, Technical How-to
AWS IAM Identity Center (previously known as AWS Single Sign-On) is extensively utilized by organizations to centrally manage federated access to their AWS environment. For more details about this topic, you can find an excellent resource here.
Located at Amazon IXD – VGT2, 6401 E Howdy Wells Ave, Las Vegas, NV 89115, we invite you to explore our resources and join our commitment to security and compliance.
Leave a Reply