AWS Security Blog

Tag: Serverless

Using Amazon Verified Permissions to manage authorization for AWS IoT smart home applications

This blog post introduces how manufacturers and smart appliance consumers can use Amazon Verified Permissions to centrally manage permissions and fine-grained authorizations. Developers can offer more intuitive, user-friendly experiences by designing interfaces that align with user personas and multi-tenancy authorization strategies, which can lead to higher user satisfaction and adoption. Traditionally, implementing authorization logic using […]

Transforming transactions: Streamlining PCI compliance using AWS serverless architecture

Compliance with the Payment Card Industry Data Security Standard (PCI DSS) is critical for organizations that handle cardholder data. Achieving and maintaining PCI DSS compliance can be a complex and challenging endeavor. Serverless technology has transformed application development, offering agility, performance, cost, and security. In this blog post, we examine the benefits of using AWS […]

Mask and redact sensitive data published to Amazon SNS using managed and custom data identifiers

Today, we’re announcing a new capability for Amazon Simple Notification Service (Amazon SNS) message data protection. In this post, we show you how you can use this new capability to create custom data identifiers to detect and protect domain-specific sensitive data, such as your company’s employee IDs. Previously, you could only use managed data identifiers […]

Use SAML with Amazon Cognito to support a multi-tenant application with a single user pool

Amazon Cognito is a customer identity and access management solution that scales to millions of users. With Cognito, you have four ways to secure multi-tenant applications: user pools, application clients, groups, or custom attributes. In an earlier blog post titled Role-based access control using Amazon Cognito and an external identity provider, you learned how to […]

Implement step-up authentication with Amazon Cognito, Part 2: Deploy and test the solution

This solution consists of two parts. In the previous blog post Implement step-up authentication with Amazon Cognito, Part 1: Solution overview, you learned about the architecture and design of a step-up authentication solution that uses AWS services such as Amazon API Gateway, Amazon Cognito, Amazon DynamoDB, and AWS Lambda to protect privileged API operations. In […]

Implement step-up authentication with Amazon Cognito, Part 1: Solution overview

In this blog post, you’ll learn how to protect privileged business transactions that are exposed as APIs by using multi-factor authentication (MFA) or security challenges. These challenges have two components: what you know (such as passwords), and what you have (such as a one-time password token). By using these multi-factor security controls, you can implement […]

How to automate updates for your domain list in Route 53 Resolver DNS Firewall

Note: This post includes links to third-party websites. AWS is not responsible for the content on those websites. Following the release of Amazon Route 53 Resolver DNS Firewall, Amazon Web Services (AWS) published several blog posts to help you protect your Amazon Virtual Private Cloud (Amazon VPC) DNS resolution, including How to Get Started with […]

How to secure API Gateway HTTP endpoints with JWT authorizer

This blog post demonstrates how you can secure Amazon API Gateway HTTP endpoints with JSON web token (JWT) authorizers. Amazon API Gateway helps developers create, publish, and maintain secure APIs at any scale, helping manage thousands of API calls. There are no minimum fees, and you only pay for the API calls you receive. Based […]

Integrate CloudHSM PKCS #11 Library 5.0 with serverless workloads

Amazon Web Services (AWS) recently released PKCS #11 Library version 5.0 for AWS CloudHSM. This blog post describes the changes implemented in the new library. We also cover a simple encryption example with the Advanced Encryption Standard (AES) algorithm in Galois/Counter Mode (GCM), dockerized, running on AWS Fargate. The primary change from the previous SDK […]

How to set up a recurring Security Hub summary email

January 13, 2025: This post was updated to include code to create Security Hub custom insights through the use of CloudFormation. AWS Security Hub provides a comprehensive view of your security posture in Amazon Web Services (AWS) and helps you check your environment against security standards and best practices. In this post, we’ll show you […]