AWS Security Blog
Category: Amazon Simple Notification Service (SNS)
Improve security incident response times by using AWS Service Catalog to decentralize security notifications
Many organizations continuously receive security-related findings that highlight resources that aren’t configured according to the organization’s security policies. The findings can come from threat detection services like Amazon GuardDuty, or from cloud security posture management (CSPM) services like AWS Security Hub, or other sources. An important question to ask is: How, and how soon, are […]
Mask and redact sensitive data published to Amazon SNS using managed and custom data identifiers
Today, we’re announcing a new capability for Amazon Simple Notification Service (Amazon SNS) message data protection. In this post, we show you how you can use this new capability to create custom data identifiers to detect and protect domain-specific sensitive data, such as your company’s employee IDs. Previously, you could only use managed data identifiers […]
Sign Amazon SNS messages with SHA256 hashing for HTTP subscriptions
Amazon Simple Notification Service (Amazon SNS) now supports message signatures based on Secure Hash Algorithm 256 (SHA256) hashing. Amazon SNS signs the messages that are delivered from your Amazon SNS topic so that subscribed HTTP endpoints can verify the authenticity of the messages. In this blog post, we will show you how to enable message […]
Securing messages published to Amazon SNS with AWS PrivateLink
Amazon Simple Notification Service (SNS) now supports VPC Endpoints (VPCE) via AWS PrivateLink. You can use VPC Endpoints to privately publish messages to SNS topics, from an Amazon Virtual Private Cloud (VPC), without traversing the public internet. When you use AWS PrivateLink, you don’t need to set up an Internet Gateway (IGW), Network Address Translation […]
How to Receive Alerts When Specific APIs Are Called by Using AWS CloudTrail, Amazon SNS, and AWS Lambda
Let’s face it—not all APIs were created equal. For example, you may be really interested in knowing when any of your Amazon EC2 instances are terminated (ec2:TerminateInstance), but less interested when an object is put in an Amazon S3 bucket (s3:PutObject). In this example, you can delete an object, but you can’t bring back that […]