Rolls out tools to automate managing secrets, certificates, firewall policies and compliance data.

Mitch Wagner, Executive Editor, Light Reading

April 4, 2018

3 Min Read
Amazon Automates Cloud Security

Amazon is looking to make it easier for cloud operators to secure their services, with new tools for managing secrets, certificates, firewall policies and compliance data, introduced Wednesday.

Amazon Web Services Inc. announced the new services at the keynote address of its AWS Summit in San Francisco, delivered by CTO Werner Vogels. He issued a clarion call for developers to build security into the entire application process, and not just add security as an afterthought. Security, he said, is everybody's responsibility.

"If something happens at your company it's your doing as well. It's not just the security team's," Vogels said. "We all have to take responsibility if we want to build highly available secure applications."

AWS Secrets Manager is designed to automates creating, storing and managing secrets -- such as database credentials, passwords and API Keys -- across an enterprise. Users can rotate secrets to change them regularly to keep attackers at bay.

Figure 1: Amazon's Vogels Amazon's Vogels

Boost your knowledge of cloud-native software and innovations driving data center transformations! Join us in Austin at the fifth-annual Big Communications Event May 14-16. The event is free for communications service providers -- secure your seat today!

Randall Hunt, a senior technical evangelist at AWS, describes how Secrets Manager works in a post on the AWS blog. If you've used a password manager like LastPass or 1Password, AWS Secrets Manager look like that, but for enterprise use rather than individual users. The service is available now, priced at $0.40 per month per secret and $0.05 per 10,000 API calls.

The company also launched AWS Certificate Manager, Private Certificate Authority, to allow developers to provision and manage certificates that are only available to users inside an organization.

AWS Firewall Manager is designed to allow enterprises to use multiple AWS accounts and host applications across regions while centralizing control over the organization's security settings and profile. The service provides policy enforcement across accounts and applications.

And AWS updated its AWS Config service to aggregate compliance data across accounts and regions. Users can view the aggregated data on a single dashboard, to improve governance and compliance.

AWS also introduced other updates to its services Wednesday.

The company rolled out new storage classes for S3, that are less expensive and less protected than other types, as well as general availability of S3 Select, to retrieve subsets of data from S3 objects using SQL expressions, with up to 400% performance improvements.

AWS launched general availability of its Transcribe transcription service and Translate translation service, which it introduced late last year in private preview. (See Google & Amazon Heat Up Machine Learning Rivalry.)

And it introduced new capabilities for its SageMaker machine learning platform.

Related posts:

— Mitch Wagner Follow me on Twitter Visit my LinkedIn profile Visit my blog Follow me on Facebook Editor, Enterprise Cloud, Light Reading

About the Author(s)

Mitch Wagner

Executive Editor, Light Reading

San Diego-based Mitch Wagner is many things. As well as being "our guy" on the West Coast (of the US, not Scotland, or anywhere else with indifferent meteorological conditions), he's a husband (to his wife), dissatisfied Democrat, American (so he could be President some day), nonobservant Jew, and science fiction fan. Not necessarily in that order.

He's also one half of a special duo, along with Minnie, who is the co-habitor of the West Coast Bureau and Light Reading's primary chewer of sticks, though she is not the only one on the team who regularly munches on bark.

Wagner, whose previous positions include Editor-in-Chief at Internet Evolution and Executive Editor at InformationWeek, will be responsible for tracking and reporting on developments in Silicon Valley and other US West Coast hotspots of communications technology innovation.

Beats: Software-defined networking (SDN), network functions virtualization (NFV), IP networking, and colored foods (such as 'green rice').

Subscribe and receive the latest news from the industry.
Join 62,000+ members. Yes it's completely free.

You May Also Like