AWS Security Blog
Tag: Amazon CloudWatch
How to Monitor AWS Account Configuration Changes and API Calls to Amazon EC2 Security Groups
You can use AWS security controls to detect and mitigate risks to your AWS resources. The purpose of each security control is defined by its control objective. For example, the control objective of an Amazon VPC security group is to permit only designated traffic to enter or leave a network interface. Let’s say you have […]
How to Configure Rate-Based Blacklisting with AWS WAF and AWS Lambda
Note from July 3, 2017: The solution in this post has been integrated into AWS WAF Security Automations, and AWS maintains up-to-date solution code in the companion GitHub repository. One security challenge you may have faced is how to prevent your web servers from being flooded by unwanted requests, or scanning tools such as bots and […]
AWS Key Management Service Now Supports Deletion of Encryption Keys
Today, AWS launched a new feature that lets you delete your encryption keys managed in AWS Key Management Service (KMS). You can now manage the complete lifecycle of your keys from creation to usage to disablement to deletion. In this blog post, I will explain the changes introduced with this new feature, tell you what […]
Learn About the Rest of the Security and Compliance Track Sessions Being Offered at re:Invent 2015
Previously, I mentioned that the re:Invent 2015 Security & Compliance track sessions had been announced, and I also discussed the AWS Identity and Access Management (IAM) sessions that will be offered as part of the Security & Compliance track. Today, I will highlight the remainder of the sessions that will be presented as part of the […]
How to Receive Notifications When Your AWS Account’s Root Access Keys Are Used
AWS Identity and Access Management (IAM) best practices recommend using IAM users or roles to access your AWS resources, instead of using your root credentials. If you follow this best practice, though, how can you monitor for root activity and take action if such activity occurs? AWS CloudTrail and Amazon CloudWatch provide the solution. In […]
An Instructive Tale About Using IAM Best Practices
An interesting blog post came to our attention recently—“My $500 Cloud Security Screw-up” by Rich Mogull. He describes how he learned to adhere to several important AWS security principles through several unfortunate events. Mike Pope, senior technical writer for AWS Identity, paraphrases the post here. Rich had inadvertently leaked his AWS access keys, allowing some […]