AWS Security Blog
AWS achieves QI2/QC2 qualification to host critical data and workloads from the Italian Public Administration
Italian version June 24, 2024: This post has been updated to inform you that all AWS cloud services have been qualified by the Italian National Cybersecurity Agency (ACN). Amazon Web Service (AWS) is pleased to announce that, starting from April 15, 2024, all AWS cloud services are now QC2 qualified according to the Italian Agency […]
Deploy AWS WAF faster with Security Automations
You can now deploy AWS WAF managed rules as part of the Security Automations for AWS WAF solution. In this post, we show you how to get started and set up monitoring for this automated solution with additional recommendations. This article discusses AWS WAF, a service that assists you in protecting against typical web attacks […]
Enable external pipeline deployments to AWS Cloud by using IAM Roles Anywhere
June 10, 2024: In February 2024, the workload identity federation feature for Azure DevOps became generally available. This feature is a native way to manage authentication between Azure DevOps and your AWS accounts. October 3, 2023: We updated this post to include the requirement for AWS Toolkit for Azure DevOps in the walkthrough. Continuous integration […]
2023 H1 IRAP report is now available on AWS Artifact for Australian customers
Amazon Web Services (AWS) is excited to announce that a new Information Security Registered Assessors Program (IRAP) report (2023 H1) is now available through AWS Artifact. An independent Australian Signals Directorate (ASD) certified IRAP assessor completed the IRAP assessment of AWS in August 2023. The new IRAP report includes an additional six AWS services, as well as the new AWS […]
How to implement cryptographic modules to secure private keys used with IAM Roles Anywhere
AWS Identity and Access Management (IAM) Roles Anywhere enables workloads that run outside of Amazon Web Services (AWS), such as servers, containers, and applications, to use X.509 digital certificates to obtain temporary AWS credentials and access AWS resources, the same way that you use IAM roles for workloads on AWS. Now, IAM Roles Anywhere allows […]
AWS achieves HDS certification in two additional Regions
Amazon Web Services (AWS) is pleased to announce that two additional AWS Regions—Middle East (UAE) and Europe (Zurich)—have been granted the Health Data Hosting (Hébergeur de Données de Santé, HDS) certification, increasing the scope to 20 global AWS Regions. The Agence Française de la Santé Numérique (ASIP Santé), the French governmental agency for health, introduced […]
Access accounts with AWS Management Console Private Access
December 7, 2023: This blog has been updated to include a paragraph about using aws:SourceVpc IAM condition context key in endpoint policies. AWS Management Console Private Access is an advanced security feature to help you control access to the AWS Management Console. In this post, I will show you how this feature works, share current […]
Understanding DDoS simulation testing in AWS
Distributed denial of service (DDoS) events occur when a threat actor sends traffic floods from multiple sources to disrupt the availability of a targeted application. DDoS simulation testing uses a controlled DDoS event to allow the owner of an application to assess the application’s resilience and practice event response. DDoS simulation testing is permitted on […]
Automatically detect and block low-volume network floods
In this blog post, I show you how to deploy a solution that uses AWS Lambda to automatically manage the lifecycle of Amazon VPC Network Access Control List (ACL) rules to mitigate network floods detected using Amazon CloudWatch Logs Insights and Amazon Timestream. Application teams should consider the impact unexpected traffic floods can have on an application’s availability. Internet-facing applications can […]
AWS achieves ISO/IEC 20000-1:2018 certification for AWS Asia Pacific (Mumbai) and (Hyderabad) Regions
Amazon Web Services (AWS) is proud to announce the successful completion of the ISO/IEC 20000-1:2018 certification for the AWS Asia Pacific (Mumbai) and (Hyderabad) Regions in India. The scope of the ISO/IEC 20000-1:2018 certification is limited to the IT Service Management System (ITSMS) of AWS India Data Center (DC) Operations that supports the delivery of […]