AWS Security Blog
Category: Management Tools
Sharing AWS CloudTrail Log Files Between Accounts
If you use AWS CloudTrail to log API calls in your account, you can share your log files with other AWS accounts, whether you own those accounts or not. In this post, Greg Pettibone, a technical writer on the CloudTrail team, walks through some cross-account scenarios to show you how. AWS CloudTrail captures information about […]
AWS CloudTrail Now Logs AWS Management Console Sign-In Events
We’ve heard from many of you that you want greater visibility into when users sign in to the AWS Management Console. We are excited to announce that AWS CloudTrail now captures console sign-in events whenever an account owner, a federated user, or an IAM user signs into the console. For those of you who aren’t […]
Use AWS CloudFormation to Configure Web Identity Federation
Web identity federation in AWS STS enables you to create apps where users can sign in using a web-based identity provider like Login with Amazon, Facebook, or Google. Your app can then trade identity information from the provider for temporary security credentials that the app can use to access AWS. The AWS mobile development team […]
New Whitepaper: Security at Scale: Logging in AWS
The newly released Security at Scale: Logging in AWS whitepaper is designed to illustrate how AWS CloudTrail can help you meet compliance and security requirements through the logging of API calls. The API call history can be used to track changes to resources, perform security analysis, operational troubleshooting and as an aid in meeting compliance […]
Announcing Resource-Level Permissions for AWS OpsWorks
We are pleased to announce that AWS OpsWorks now supports resource-level permissions. AWS OpsWorks is an application management service that lets you provision resources, deploy and update software, automate common operational tasks, and monitor the state of your environment. You can optionally use the popular Chef automation platform to extend OpsWorks using your own custom […]
AWS CloudFormation Now Supports Federated Users and Temporary Security Credentials
Today AWS CloudFormation released added support for temporary security credentials provided by the AWS Security Token Service. This release enables a number of scenarios such as federated users being able to use CloudFormation from the AWS Management Console and authorizing Amazon EC2 instances with IAM roles to call CloudFormation APIs. To learn more about this new […]