AWS Security Blog
Category: How-To
How to Connect Your On-Premises Active Directory to AWS Using AD Connector
August 17, 2023: We updated the instructions and screenshots in this post to align with changes to the AWS Management Console. April 25, 2023: We’ve updated this blog post to include more security learning resources. AD Connector is designed to give you an easy way to establish a trusted relationship between your Active Directory and […]
How to receive alerts when your IAM configuration changes
June 12, 2024: Update: This post has been updated to deploy the solution in the North Virginia (us-east-1) AWS Region. August 21, 2023: This post had been updated to change from wildcard pattern matching to using “prefixes” for EventBridge pattern rules. July 27, 2023: This post was originally published February 5, 2015, and received a […]
How to Automatically Revert and Receive Notifications About Changes to Your Amazon VPC Security Groups
In a previous AWS Security Blog post, Jeff Levine showed how you can monitor changes to your Amazon EC2 security groups. The methods he describes in that post are examples of detective controls, which can help you determine when changes are made to security controls on your AWS resources. In this post, I take that […]
Register for and Attend this September 28 Tech Talk: “How to Use AWS WAF to Mitigate OWASP Top 10 Attacks”
October 1, 2017, update: This webinar is now available as an on-demand video and slide deck. As part of the AWS Online Tech Talks series, AWS will present How to Use AWS WAF to Mitigate OWASP Top 10 Attacks on Thursday, September 28. This tech talk will start at 9:00 A.M. Pacific Time and end at […]
How to enable server-side LDAPS for your AWS Managed Microsoft AD directory
March 18, 2024: We have made minor updates and clarifications based on customer feedback to the post. June 17, 2022: We simplified this post by removing all manual deployment processes and using only the Microsoft Public Key Infrastructure on AWS Quick Start. January 10, 2022: We’ve updated this post with various minor edits. March 29, […]
How to Query Personally Identifiable Information with Amazon Macie
June 15, 2020: This blog is out of date. Please refer here for the updated info: https://aws.amazon.com/blogs/aws/new-enhanced-amazon-macie-now-available/ In August 2017 at the AWS Summit New York, AWS launched a new security and compliance service called Amazon Macie. Macie uses machine learning to automatically discover, classify, and protect sensitive data in AWS. In this blog post, […]
How to Enable Your Users to Access Office 365 with AWS Managed Microsoft AD
January 18, 2023: We fixed a capitalization issue in a url that was preventing ADFS from authenticating properly in most browers. December 12, 2019: A customer reported that the architecture diagrams had a typo in it, and so we replaced the two diagrams to address the problem. You can now enable your users to access […]
How to Configure an LDAPS Endpoint for Simple AD
September 9, 2020: There’s an updated version of this blog here – https://aws.amazon.com/blogs/security/how-to-configure-ldaps-endpoint-for-simple-ad/. Simple AD, which is powered by Samba 4, supports basic Active Directory (AD) authentication features such as users, groups, and https://aws.amazon.com/blogs/security/how-to-configure-ldaps-endpoint-for-simple-ad/the ability to join domains. Simple AD also includes an integrated Lightweight Directory Access Protocol (LDAP) server. LDAP is a standard application […]
New AWS DevOps Blog Post: How to Help Secure Your Code in a Cross-Region/Cross-Account Deployment Solution on AWS
You can help to protect your data in a number of ways while it is in transit and at rest, such as by using Secure Sockets Layer (SSL) or client-side encryption. AWS Key Management Service (AWS KMS) is a managed service that makes it easy for you to create, control, rotate, and use your encryption keys. AWS […]
How to Establish Federated Access to Your AWS Resources by Using Active Directory User Attributes
To govern federated access to your AWS resources, it’s a common practice to use Microsoft Active Directory (AD) groups. When using AD groups, establishing federation requires the number of AD groups to be equal to the number of your AWS accounts multiplied by the number of roles in each of your AWS accounts. As you […]