Security, Identity, & Compliance
Securely run your business with the most flexible and secure cloud computing environment available. Benefit from AWS data centers and a network architected to protect your information, applications, and devices. Meet core security requirements, such as data locality, protection, and confidentiality with our comprehensive services and features.
Recent questions
see all1 / 18
- Scenario: I built an event-driven AI pipeline on AWS with the following architecture: EventBridge → SQS → Lambda → Amazon Bedrock → Step Functions → DynamoDB Problem: Every service appeared healthy. ...asked 2 hours ago
- Installed AWS Security Agent and integrated with GitHub. On creation of a code review it consistently returns:"The pentest is not authorized to assume the service role" Steps taken: 1. Verified tru...
- I am seeing what appears to be a change in the Amazon Inspector2 EventBridge payload for enhanced ECR image scan completion events. We have an EventBridge rule that listens for Inspector2 scan comple...
- Since 2026-06-09, every CloudFormation create of a DNS-validated ACM certificate in eu-central-1 fails for us with: Resource handler returned message: "Connection pool shut down" (HandlerErrorCode:...
- I registered to use Amazon SES SMTP for my dental clinic's website, but they did not grant production access. We were only going to send appointment notification emails, that is, transactional emails....
- AWS Lambda added support for the python3.14 managed runtime in November 2025, but Amazon Inspector still does not scan Lambda functions using this runtime — for either standard scanning (package vulne...
- I have an expired ssl certificate for the domain beetlesmartphonesecurity.com i need to be guided on how to renew it on my aws server kindly
- I have a Lambda function whose Function URL is configured with AuthType = AWS_IAM (us-east-1). Behavior: - SigV4-signing a request to the Function URL as an IAM USER (which has lambda:InvokeFunctionU...
- I'm learning about CloudFront. I've set up a distribution using the free flat-rate plan. I've created an origin pointing to my EC2 instance and created a security group allowing access from the Clou...
- We are experiencing a complete outage of our AWS Client VPN endpoint. All users are unable to connect, and the AWS VPN Client shows "Waiting for identity..." indefinitely. The endpoint ID is cvpn-end...
- We have an AWS account where the only account available to us is an IAM user named DDI_ADMIN. We can log in successfully, but we receive Access Denied errors for billing, account settings, IAM functio...
- My IdP only supports the transient NameID format. However, I could not find any documentation or configuration option in AWS Cognito to support transient NameID. By default, Cognito appears to requir...
- I set up Security Hub and AWS Config across my AWS Organization a few years ago using the AWS-provided StackSets. Everything has been running fine with no changes on my end. Recently, Config.1 started...
- Hi AWS Community, I am seeking some advice regarding a pending charge waiver request. I am a final-year software engineering student, and I recently incurred an unexpected charge of $95.50 (including...
- Hello, Is there possible to add MFA authentication for an existing Cognito user, with a TOTP from an authenticator app such as Authy ? I tried from `Update MFA configuration` screen, but I got the ...
- ``` { "Version":"2012-10-17", "Statement": [ { "Action": [ "appsync:ListApiKeys", "chatbot:*", "codecommit:GetFile", "codecommit:GetCommit", "code...asked 10 days ago
- How to resolve this issue or if possible through live chat so please share me live chat link or Email Address of AWS Or Technical setting Help Desk Dear AWS Support Team, ...
- Hello AWS Support Team, I need urgent assistance regarding my suspended AWS account. The AWS verification request email was automatically routed to my spam folder, so I was not aware that AWS requir...
Recent Knowledge Center content
see all1 / 18
Recent articles
see all1 / 18
Jeongho KimSUPPORT ENGINEERpublished 6 hours ago0 votes7 viewsAfter enabling IAM Identity Center authentication on an AMG workspace, you may find that users or groups cannot be found, or group assignment fails with a `Failed to associate identity, type: SSO_GROU...
PraneethaEXPERTpublished 2 days ago1 votes37 viewsAmazon S3 Files requires two IAM roles for bidirectional sync. A common misconfiguration — using aws:SourceAccount instead of aws:ResourceAccount in the sync role's inline policy — causes files to sil...- KinjanEXPERTpublished 4 days ago0 votes59 viewsThis guide provides step-by-step instructions to enable **AWS Security Incident Response (SIR)** using the AWS Command Line Interface (CLI). AWS Security Incident Response helps you prepare for, respo...
- JohnTEXPERTpublished 7 days ago0 votes37 viewsExplains how TA (static best-practice checks) and DevOps Agent (incident-pattern analysis) complement each other for layered incident prevention.
- MassimilianoAWSEXPERTpublished 7 days ago0 votes64 viewsMany MCP server only support DCR to obtain the client id and secret required to create an AgentCore Indentity credential provider. This article guides you through the process to follow in order correc...
- Ashish JaiswalEXPERTpublished 15 days ago2 votes182 viewsThis article shows how to automatically trigger an AWS DevOps Agent investigation when Amazon CloudWatch Network Flow Monitor (NFM) detects network degradation. When NFM identifies retransmission time...
- Heverin, StephenEXPERTpublished 17 days ago0 votes73 viewsJoin our experts LIVE on Twitch to see how AI-powered DevOps agents can accelerate your infrastructure troubleshooting!
- SaurabhEXPERTpublished 18 days ago3 votes169 viewsThis article demonstrates the common failure modes when you integrate AWS DevOps Agent with ServiceNow for bidirectional incident handling, along with their resolution steps.
- VenkataEXPERTpublished 21 days ago0 votes87 viewsCustomers using Snowflake's Workload Identity Federation (WIF) with AWS Glue may encounter a "No AWS region was found" error because the Glue proxy layer blocks boto3's automatic region detection. Thi...
- Tyler_PEXPERTpublished 21 days ago0 votes59 viewsStep-by-step guide for converting RAM organization-based shares to account-ID shares before migrating accounts between AWS Organizations, preventing connectivity loss for shared resources like Transit...
- AlejandroEXPERTpublished 22 days ago6 votes250 viewsThis article helps DevOps, support engineers, and solutions architects quickly understand the flat-rate plan tiers, identify how you can benefit most from them, and guide activation through the consol...
- Ram AchantaEXPERTpublished 22 days ago1 votes346 viewsAs enterprises scale Kiro adoption across multiple business units, finance teams need to attribute subscription costs to the teams consuming them — without building custom infrastructure. This guide d...
- KeyurEXPERTpublished 23 days ago0 votes64 viewsAWS CodeArtifact repository deletion is permanent and cannot be undone. If a repository is accidentally deleted, all packages become permanently unavailable — blocking CI/CD pipelines and potentially ...
- VictorEXPERTpublished 23 days ago3 votes228 viewsUK Cyber Essentials+ certification is a growing requirement for organisations supplying to the UK government. The good news is that as an AWS Enterprise customer, much of the groundwork is already wit...
- Florian TurnwaldEXPERTpublished 24 days ago12 votes107 viewsThis cheatsheet compiles real-world takeaways on FSxN encryption in transit to prevent silent vulnerabilities.
- Florian TurnwaldEXPERTpublished 25 days ago14 votes119 viewsProvides a step-by-step guide to deploying ONTAP's machine-learning protection to detect and mitigate file-level ransomware threats in real time.
- Jason ShenSUPPORT ENGINEERpublished a month ago0 votes109 viewsAfter Amazon GuardDuty Malware Protection for S3 scans an uploaded object, you might want to automatically move clean files to a trusted bucket and quarantine infected files. This article shows how to...
- Kiran PrakashEXPERTpublished a month ago0 votes126 viewsThis article helps users who are integrating Grafana with AWS DevOps Agent via webhooks and receiving a `400 Bad Request` error when alerts fire from the Grafana UI, despite the webhook working correc...
Recent selections
see all1 / 12
- AWS OFFICIALUpdated 2 months ago1 votes191 viewsAWS Official content is created by a team of technical experts, professional writers, and editors within AWS. They work together to make sure that the information is clear, comprehensive, and aligned ...
- AWS OfficialMODERATORpublished 2 months ago0 votes171 viewsThis spotlight on AWS IAM equips you with skills and troubleshooting best practices to secure and manage access to your AWS resources effectively.
- AWS OfficialMODERATORpublished 8 months ago1 votes312 viewsThis spotlight on Amazon Cognito equips you with the skills and troubleshooting best practices to get the most out of this cost effective service.
- AWS OfficialEXPERTpublished 2 years ago0 votes988 viewsThis spotlight on IAM equips you with the skills and troubleshooting tips to get the most out of a powerful service.
- AWS OFFICIALUpdated 3 days ago11 votes32.2K viewsThe AWS Trust & Safety Center provides curated knowledge of AWS resources that can assist you in your cloud journey.
- Osvaldo MarteEXPERTpublished 2 years ago2 votes18.6K viewsThis selection focuses on the essential AWS networking services, providing a comprehensive overview of tools and technologies available to build and manage secure, scalable, and high-performing networ...
- Antonio LagrotteriaEXPERTpublished 2 years ago4 votes28.3K viewsA selection of architectural patterns and tips to leverage secure cross-account APIs, showing ingress, egress and inspection reference architectures
- Jonathan_DEXPERTpublished 3 years ago4 votes12.3K viewsDo you have critical workloads running in AWS? Review these handpicked resources to find ways to ensure your applications are resilient to failures.
- AWS OFFICIALUpdated 3 years ago0 votes98 viewsThis selection includes content and solutions supporting FSI related compliance and requirements covering security, immutable storage, and general guidance.
- AWS OFFICIALUpdated 3 years ago0 votes239 viewsAs a best practice, AWS recommends that you use AWS Identity and Access Management (IAM) roles instead of IAM users with long-term credentials such as access keys.
- AWS OFFICIALUpdated 3 years ago0 votes57 viewsAccelerate your business transformation goals with a managed service that combines compute, network and storage capabilities in a fully supported, ready-to-run service from VMware and AWS.
- AWS OFFICIALUpdated 3 years ago0 votes8.2K viewsAre you getting 403 Access Denied errors with your Amazon Simple Storage Service (Amazon S3) operations? Review this list of handpicked resources to identify the root cause and troubleshooting instruc...
1 / 18
Riku_Kobayashi
EXPERTGary Mclean
EXPERTsecondabhi_aws
EXPERTOleksii Bebych
EXPERTGreg
EXPERTKidd Ip
EXPERTOsvaldo Marte
EXPERTBehrens, Isaac
EXPERTSedat SALMAN
EXPERTAdeleke Adebowale .J.
EXPERTTushar Jagdale
EXPERTMatt Barbieri
EXPERTFlorian Turnwald
EXPERTAWS-User-alantam
EXPERTIndranil Banerjee AWS
EXPERTTakahito Iwasa
EXPERTMassimilianoAWS
EXPERTGK
EXPERT
Learn AWS faster by following popular topics
1 / 6
