AWS Security Blog
Tag: IAM
Easier Role Selection for SAML-Based Single Sign-On
At the end of 2013, we introduced single sign-on to the AWS Management Console using the Security Assertion Markup Language (SAML) 2.0. This enables you to use your organization’s existing identity system to sign in to the console without having to provide AWS credentials. Today we’re happy to announce that, in response to your feedback, […]
In Case You Missed Them: Some Recent Security Enhancements in AWS
With the steady cadence of updates and enhancements for AWS services, it can sometimes be easy to miss announcements about features that relate to security. Here are some recent security-related updates in AWS services that we’re excited about and that you might not have heard about. AWS Trusted Advisor inspects your AWS environment and finds […]
Amazon CloudSearch: Now with More Granular Access Control for Domains
Yesterday, Amazon CloudSearch released a new version that is fully integrated with AWS Identity and Access management (IAM) and enables you to control access to a domain’s document and search services. Jon Handler, an AWS Solution Architect who specializes in search, describes the new features. In March, we released a new Amazon CloudSearch API that […]
Introducing the Redesigned IAM Console
We are excited to announce the redesigned IAM console, now with a streamlined look and feel that makes it even easier to manage your IAM settings. We’ve made it more convenient to manage large resource lists (for example, hundreds of users, groups, or roles), eliminated tab switching, and optimized the console to offer a better […]
AWS CloudTrail Now Logs AWS Management Console Sign-In Events
We’ve heard from many of you that you want greater visibility into when users sign in to the AWS Management Console. We are excited to announce that AWS CloudTrail now captures console sign-in events whenever an account owner, a federated user, or an IAM user signs into the console. For those of you who aren’t […]
How Does Amazon Cognito Relate to Existing Web Identity Federation?
As you might have seen, AWS recently released Amazon Cognito, a user identity and data synchronization service that helps you securely manage and synchronize app data for your users across their mobile devices. If you develop mobile apps that call AWS services, you definitely want to check out Amazon Cognito. What is Amazon Cognito? Amazon […]
Enhanced IAM Capabilities for the AWS Billing Console
In this post, Graham Evans, a developer on the AWS Billing team, describes new security features that expand how you can secure access to billing information in your AWS account. My team—AWS Billing— recently released the new and improved Billing and Cost Management Console. We’re now happy to introduce an improvement to the access and […]
A New and Standardized Way to Manage Credentials in the AWS SDKs
One of the advantages of using the AWS SDKs for programmatic access to AWS is that the SDKs handle the task of signing requests. All you have to do is provide AWS credentials (access key id and secret access key), and when you invoke a method that makes a call to AWS, the SDK translates […]
Want Help with Securing Your AWS Account? Here Are Some Resources
Some customers have asked how they should be using AWS Identity and Access Management (IAM) to help limit their exposure to problems like those that have recently been in the news. In general, AWS recommends that you enable multi-factor authentication (MFA) for your AWS account and for IAM users who are allowed to perform sensitive […]
New in Amazon EMR: Support for Federated Users
AWS announced yesterday that Amazon Elastic MapReduce (EMR) added support for federated users. If you use Amazon EMR, you can now enable users to administer Amazon EMR clusters who are signed in to your corporate network using their corporate credentials—you no longer need to create IAM users for access to EMR. Up to now, federated […]