AWS Security Blog
Tag: CloudFormation
Manage AWS Security Hub using CloudFormation
In this blog post, we show you how to enable and configure AWS Security Hub using the new Security Hub CloudFormation resources. Security Hub has expanded support for AWS CloudFormation by launching the updated Security Hub Hub resource and a new Standards resource for CloudFormation. The Hub resource can be used to enable Security Hub […]
How to eliminate EC2 keypairs from password retrieval of provisioned Windows instances using Secrets Manager and CloudFormation
Update on April 26, 2019: We’ve adjusted a sentence to clarify that the scope of this post does not include automatic password rotation. In my previous post, I showed you how you can increase the durability of your applications and prepare for disaster recovery by using AWS Secrets Manager to replicate your secrets across AWS […]
How to automate replication of secrets in AWS Secrets Manager across AWS Regions
August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. March 4, 2021: AWS Secrets Manager has launched a new feature to help you easily […]
New Security Whitepaper Now Available: Use AWS WAF to Mitigate OWASP’s Top 10 Web Application Vulnerabilities
Today, we released a new security whitepaper: Use AWS WAF to Mitigate OWASP’s Top 10 Web Application Vulnerabilities. This whitepaper describes how you can use AWS WAF, a web application firewall, to address the top application security flaws as named by the Open Web Application Security Project (OWASP). Using AWS WAF, you can write rules to […]
What’s New in AWS Key Management Service: AWS CloudFormation Support and Integration with More AWS Services
November 1, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. We’re happy to make two announcements about what’s new in AWS Key Management Service (KMS). […]
Analyzing OS-Related Security Events on EC2 with SplunkStorm
September 3, 2021: This blog post was updated to clarify that the S3 bucket name DOC-EXAMPLE-BUCKET is a placeholder name that readers should replace with their own S3 bucket name. An important objective of analyzing OS-generated data is to detect, correlate, and report on potential security events. Several partner solutions available in AWS Marketplace provide this functionality, […]
AWS CloudFormation Now Supports Federated Users and Temporary Security Credentials
Today AWS CloudFormation released added support for temporary security credentials provided by the AWS Security Token Service. This release enables a number of scenarios such as federated users being able to use CloudFormation from the AWS Management Console and authorizing Amazon EC2 instances with IAM roles to call CloudFormation APIs. To learn more about this new […]