ACM ACME support turns certificate automation into a governance problem

AWS Certificate Manager now supports ACME for public certificates, giving teams a standard automation path while keeping domain control, audit, and policy centralized.

Faster S3 access log queries make storage security more usable

AWS shows how CloudWatch and S3 Tables can make S3 access logs easier to query, which helps builders turn storage audit data into operational and security signals.

Secure ML environments need productivity and exfiltration controls together

An AWS architecture using SageMaker AI, VPC endpoints, DNS controls, and WorkSpaces Secure Browser shows how ML teams can protect sensitive data without returning to expensive air-gapped workflows.

Restricting AWS Console access by network is a useful perimeter, not a complete identity strategy

AWS sign-in resource-based policies and resource control policies can restrict Management Console access to expected networks, adding a practical layer to data perimeter designs.

EKS control plane egress through your VPC closes a real private-cluster gap

Amazon EKS customer-routed control plane egress lets Kubernetes API server traffic use customer VPC routing, security controls, and private endpoints for webhooks and OIDC dependencies.

Lambda MicroVMs make isolated sandboxes a serverless design choice

AWS Lambda MicroVMs give builders a new option for running user-generated and AI-generated code with VM-level isolation, fast resume, and controlled lifecycle state.
