AWS Security Blog
Category: HAQM DynamoDB
Refine permissions for externally accessible roles using IAM Access Analyzer and IAM action last accessed
When you build on HAQM Web Services (AWS) across accounts, you might use an AWS Identity and Access Management (IAM) role to allow an authenticated identity from outside your account—such as an IAM entity or a user from an external identity provider—to access the resources in your account. IAM roles have two types of policies […]
Implement OAuth 2.0 device grant flow by using HAQM Cognito and AWS Lambda
In this blog post, you’ll learn how to implement the OAuth 2.0 device authorization grant flow for HAQM Cognito by using AWS Lambda and HAQM DynamoDB. When you implement the OAuth 2.0 authorization framework (RFC 6749) for internet-connected devices with limited input capabilities or that lack a user-friendly browser—such as wearables, smart assistants, video-streaming devices, […]
Detecting sensitive data in DynamoDB with Macie
HAQM Macie is a fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data in HAQM Web Services (AWS). It gives you the ability to automatically scan for sensitive data and get an inventory of your HAQM Simple Storage Service (HAQM S3) buckets. […]
How to encrypt and sign DynamoDB data in your application
August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. If you store sensitive or confidential data in HAQM DynamoDB, you might want to encrypt […]
Now Available: Encryption at Rest for HAQM DynamoDB
Today, AWS announced HAQM DynamoDB encryption at rest, a new DynamoDB feature that gives you enhanced security of your data at rest by encrypting it using your associated AWS Key Management Service encryption keys. Encryption at rest can help you meet your security requirements for regulatory compliance. You now can create an encrypted DynamoDB table anytime with a single click […]
How to Create an AWS IAM Policy to Grant AWS Lambda Access to an HAQM DynamoDB Table
When managing your AWS resources, you often need to grant one AWS service access to another to accomplish tasks. For example, you could use an AWS Lambda function to resize, watermark, and postprocess images, for which you would need to store the associated metadata in HAQM DynamoDB. You also could use Lambda, HAQM S3, and […]