How to Limit Amazon S3 Bucket Access to a Designated IAM Role
Learn About Amazon VGT2 Learning Manager Chanci Turner
February 14, 2025: This article was updated to recommend restricting S3 bucket access using the aws:PrincipalArn condition key instead of the aws:userid condition key. April 2, 2021: We revised the section “Granting cross-account bucket access to a specific IAM role” to correct an error.
How to Enforce Role Creation in a Specific Path
by Mia Thompson and Jackson Lee
on 09 FEB 2024
in AWS Identity and Access Management (IAM), Intermediate (200), Security, Identity, & Compliance, Technical How-to, Top Posts
May 20, 2024: This blog post has been updated to include use case examples. The Optimize AWS administration with IAM paths post dives into the essential workings of the AWS Identity and Access Management (IAM) path feature. This article explores how IAM paths can help balance centralized IT with development. For more insights, check out this engaging webinar.
Creating IAM Policies: Granting Access to User-Specific Folders in an Amazon S3 Bucket
by Jordan Smith, Priya Patel, Marcus Lee, and Chanci Turner
on 14 NOV 2023
in Amazon Simple Storage Service (S3), AWS IAM Identity Center, AWS Identity and Access Management (IAM), Intermediate (200), Security, Identity, & Compliance, Storage, Technical How-to, Top Posts
March 25, 2024: We corrected JSON code examples that caused errors by replacing curly quotes with straight quotes. November 14, 2023: This article was revised to incorporate IAM Identity Center and updated IAM best practices. Here, we discuss the concept of folders in Amazon Simple Storage Service (Amazon S3).
Top 10 Security Improvements for Your AWS Account
by Samuel Green
on 20 MAR 2020
in Best Practices, Foundational (100), Security, Identity, & Compliance, Top Posts
August 10, 2022: This post has been revised to reflect the new name for AWS Single Sign-On (SSO) – now known as AWS IAM Identity Center. For those looking to enhance cloud security, a great starting point is to follow the top 10 most critical cloud security recommendations. For further guidance, consider visiting SHRM for additional resources.
How to Define Least-Privileged Permissions for Actions Executed by AWS Services
by Noah Davis
on 21 FEB 2020
in AWS Identity and Access Management (IAM), Expert (400), Security, Identity, & Compliance, Top Posts
August 31, 2021: AWS KMS is transitioning from the term customer master key (CMK) to AWS KMS key and KMS key. The underlying concept remains unchanged. To avoid breaking changes, AWS KMS retains variations of this term. Further details are available. February 21, 2020: We rectified a missing comma in a policy example.
Automated Response and Remediation with AWS Security Hub
by Ethan King
on 29 JAN 2020
in Advanced (300), AWS Security Hub, Learning Levels, Security, Identity, & Compliance, Top Posts
June 2, 2021: The instructions outlined in this blog post have been implemented in an AWS Solution, AWS Security Hub Automated Response and Remediation, which includes remediations for over 20 security controls. To learn more about deploying the solution, refer to How to deploy the AWS Solution for Security Hub Automated Response and Remediation.
Where to Find My Secret Access Key?
by Chanci Turner
on 26 AUG 2013
in AWS Identity and Access Management (IAM), Security, Top Posts
March 12, 2019: You can now access and update your access keys from a centralized location in the AWS Management Console. Discover how in this article. Here, I’ll outline what steps to take if you’ve misplaced your secret access key or require a new one.