New – Use AWS IAM Access Analyzer in AWS Organizations

Last year at AWS re:Invent 2019, we released AWS Identity and Access Management (IAM) Access Analyzer that helps you understand who can access resources by analyzing permissions granted using policies for Amazon Simple Storage Service (S3) buckets, IAM roles, AWS Key Management Service (KMS) keys, AWS Lambda functions, and Amazon Simple Queue Service (SQS) queues. Read more about New – Use AWS IAM Access Analyzer in AWS Organizations[…]

New for Amazon EFS – IAM Authorization and Access Points

When building or migrating applications, we often need to share data across multiple compute nodes. Many applications use file APIs and Amazon Elastic File System (EFS) makes it easy to use those applications on AWS, providing a scalable, fully managed Network File System (NFS) that you can access from other AWS services and on-premises resources. EFS scales Read more about New for Amazon EFS – IAM Authorization and Access Points[…]

Identify Unintended Resource Access with AWS Identity and Access Management (IAM) Access Analyzer

Today I get to share my favorite kind of announcement. It’s the sort of thing that will improve security for just about everyone that builds on AWS, it can be turned on with almost no configuration, and it costs nothing to use. We’re launching a new, first-of-its-kind capability called AWS Identity and Access Management (IAM) Read more about Identify Unintended Resource Access with AWS Identity and Access Management (IAM) Access Analyzer[…]

New for Identity Federation – Use Employee Attributes for Access Control in AWS

When you manage access to resources on AWS or many other systems, you most probably use Role-Based Access Control (RBAC). When you use RBAC, you define access permissions to resources, group these permissions in policies, assign policies to roles, assign roles to entities such as a person, a group of persons, a server, an application, Read more about New for Identity Federation – Use Employee Attributes for Access Control in AWS[…]