AWS Security Blog
Tag: migration
Approaches for migrating users to Amazon Cognito user pools
Update: An earlier version of this post was published on September 14, 2017, on the Front-End Web and Mobile Blog. Amazon Cognito user pools offer a fully managed OpenID Connect (OIDC) identity provider so you can quickly add authentication and control access to your mobile app or web application. User pools scale to millions of […]
Migrating your secrets to AWS Secrets Manager, Part 2: Implementation
In Part 1 of this series, we provided guidance on how to discover and classify secrets and design a migration solution for customers who plan to migrate secrets to AWS Secrets Manager. We also mentioned steps that you can take to enable preventative and detective controls for Secrets Manager. In this post, we discuss how […]
Migrating your secrets to AWS Secrets Manager, Part I: Discovery and design
“An ounce of prevention is worth a pound of cure.” – Benjamin Franklin A secret can be defined as sensitive information that is not intended to be known or disclosed to unauthorized individuals, entities, or processes. Secrets like API keys, passwords, and SSH keys provide access to confidential systems and resources, but it can be […]
Migrating your rules from AWS WAF Classic to the new AWS WAF
December 2, 2024: This post has been updated to reflect the transition to WAFV2, with aligned 1:1 mapping from Classic partner-managed rules to partner-managed rules. AWS WAF Classic support will end on September 30, 2025. In November 2019, Amazon launched a new version of AWS Web Application Firewall (WAF) that offers a richer and easier […]
How to migrate symmetric exportable keys from AWS CloudHSM Classic to AWS CloudHSM
In August 2017, we announced the “new” AWS CloudHSM service, which had a lot of improvements over AWS CloudHSM Classic (for clarity in this post I will refer to the services as New CloudHSM and CloudHSM Classic). These advantages in security, scalability, usability, and economy, included FIPS 140-2 Level 3 certification, fully managed high availability […]
Creating an opportunistic IPSec mesh between EC2 instances
August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. IPSec (IP Security) is a protocol for in-transit data protection between hosts. Configuration of site-to-site […]