Tag: Sébastien Stormacq

ATTENTION BLOG POST REVIEWERS—please note the following before beginning your review: (1) Focus your review on technical accuracy. (2) Provide comments. Do not try to rewrite the post, as that may result in your post being canceled. (3) Respect the writer’s voice. If you see a typo or grammatical mistake, you can cite it, but decisions of word choice, style, and structure are at the writer’s discretion. Thank you for respecting our production process. Security is our top priority at Amazon Web Services (AWS), and today, we’re launching two capabilities to help you strengthen the security posture of your AWS accounts: First, we’re adding passkeys to the list of supported multi-factor authentication (MFA) for your root and AWS Identity and Access…

I am pleased to announce a new use case based on trusted identity propagation, a recently introduced capability of AWS IAM Identity Center. Tableau, a commonly used business intelligence (BI) application, can now propagate end-user identity down to Amazon Redshift. This has a triple benefit. It simplifies the sign-in experience for end users. It allows data owners to define access based on real end-user identity. It allows auditors to verify data access by users. Trusted identity propagation allows applications that consume data (such as Tableau, Amazon QuickSight, Amazon Redshift Query Editor, Amazon EMR Studio, and others) to propagate the user’s identity and group memberships to the services that store and manage access to the data, such as Amazon Redshift, Amazon Athena,…

AWS Summit season is in full swing around the world, with last week’s events in Bengaluru, Berlin, and  Seoul, where my blog colleague Channy delivered one of the keynotes. Last week’s launches Here are some launches that got my attention: Amazon S3 will no longer charge for several HTTP error codes – A customer reported how he was charged for Amazon S3 API requests he didn’t initiate and which resulted in AccessDenied errors. The Amazon Simple Storage Service (Amazon S3) service team updated the service to not charge such API requests anymore. As always when talking about pricing, the exact wording is important, so please read the What’s New post for the details. Introducing Amazon EC2 C7i-flex instances – These…

Starting today, you can configure your DNS Firewall to automatically trust all domains in a resolution chain (such as aCNAME, DNAME, or Alias chain). Let’s walk through this in nontechnical terms for those unfamiliar with DNS. Why use DNS Firewall? DNS Firewall provides protection for outbound DNS requests from your private network in the cloud (Amazon Virtual Private Cloud (Amazon VPC)). These requests route through Amazon Route 53 Resolver for domain name resolution. Firewall administrators can configure rules to filter and regulate the outbound DNS traffic. DNS Firewall helps to protect against multiple security risks. Let’s imagine a malicious actor managed to install and run some code on your Amazon Elastic Compute Cloud (Amazon EC2) instances or containers running inside…