AWS Security Blog

Category: Security, Identity, & Compliance

Top four ways to improve your Security Hub security score

AWS Security Hub is a cloud security posture management (CSPM) service that performs security best practice checks across your HAQM Web Services (AWS) accounts and AWS Regions, aggregates alerts, and enables automated remediation. Security Hub is designed to simplify and streamline the management of security-related data from various AWS services and third-party tools. It provides […]

Context window overflow: Breaking the barrier

Have you ever pondered the intricate workings of generative artificial intelligence (AI) models, especially how they process and generate responses? At the heart of this fascinating process lies the context window, a critical element determining the amount of information an AI model can handle at a given time. But what happens when you exceed the […]

Centrally manage VPC network ACL rules to block unwanted traffic using AWS Firewall Manager

HAQM Virtual Private Cloud (HAQM VPC) provides two options for controlling network traffic: network access control lists (ACLs) and security groups. A network ACL defines inbound and outbound rules that allow or deny traffic based on protocol, IP address range, and port range. Security groups determine which inbound and outbound traffic is allowed on a […]

Announcing initial services available in the AWS European Sovereign Cloud, backed by the full power of AWS

August 8, 2024: We updated this post to include HAQM Neptune on the initial service list. July 16, 2024: We updated this post to include AWS Wickr on the initial service list. Last month, we shared that we are investing €7.8 billion in the AWS European […]

ACM will no longer cross sign certificates with Starfield Class 2 starting August 2024

February 25, 2025: The FAQ in this post was updated to indicate that AWS services also use certificates from ACM, and users relying on the certificate chain used by such services could be impacted. October 18, 2024: We’ve updated the rollout timeline, description for certificate pinning, and FAQ to reflect the latest third-party platforms that […]

Access AWS services programmatically using trusted identity propagation

March 7, 2025: This post was republished to update the code, architecture, and narrative introducing the launch of Single Sign-on and trusted identity propagation support for HAQM Redshift Data API with AWS IAM Identity Center. With the introduction of trusted identity propagation, applications can now propagate a user’s workforce identity from their identity provider (IdP) […]

CISPE Data Protection Code of Conduct Public Register now has 113 compliant AWS services

We continue to expand the scope of our assurance programs at HAQM Web Services (AWS) and are pleased to announce that 113 services are now certified as compliant with the Cloud Infrastructure Services Providers in Europe (CISPE) Data Protection Code of Conduct. This alignment with the CISPE requirements demonstrates our ongoing commitment to adhere to the heightened expectations for […]

AWS HITRUST Shared Responsibility Matrix v1.4.3 for HITRUST CSF v11.3 now available

The latest version of the AWS HITRUST Shared Responsibility Matrix (SRM)—SRM version 1.4.3—is now available. To request a copy, choose SRM version 1.4.3 from the HITRUST website. SRM version 1.4.3 adds support for the HITRUST Common Security Framework (CSF) v11.3 assessments in addition to continued support for previous versions of HITRUST CSF assessments v9.1–v11.2. As […]

SaaS tenant isolation with ABAC using AWS STS support for tags in JWT

As independent software vendors (ISVs) shift to a multi-tenant software-as-a-service (SaaS) model, they commonly adopt a shared infrastructure model to achieve cost and operational efficiency. The more ISVs move into a multi-tenant model, the more concern they may have about the potential for one tenant to access the resources of another tenant. SaaS systems include […]

How to create a pipeline for hardening HAQM EKS nodes and automate updates

July 16, 2024: We updated the code in this post and some of the CloudFormation parameters. HAQM Elastic Kubernetes Service (HAQM EKS) offers a powerful, Kubernetes-certified service to build, secure, operate, and maintain Kubernetes clusters on HAQM Web Services (AWS). It integrates seamlessly with key AWS services such as HAQM CloudWatch, HAQM EC2 Auto Scaling, […]