Help us improve the AWS re:Post Knowledge Center by sharing your feedback in a brief survey. Your input can influence how we create and update our content to better support your AWS journey.
Security, Identity, & Compliance
Securely run your business with the most flexible and secure cloud computing environment available. Benefit from AWS data centers and a network architected to protect your information, applications, and devices. Meet core security requirements, such as data locality, protection, and confidentiality with our comprehensive services and features.
Recent questions
see all1 / 18
- I cannot delete/edit/modify KMS Key Policy. I need to delete the KMS Customer Managed Key to have billing refund our disputed bill. They need to be deleted to eliminate costs stemming from having KMS ...
- 1. We currently use IAM to manage users. Is it recommended/required to enable IAM Identity Center if we want to use Microsoft Entra as our SSO provider? 2. When trying to enable IAM Identity Center,...
- Hi We added the Lambda for Triggers for Cognito But we are getting these errors intermittently Exception occurred while processing request PreAuthentication invocation failed due to error Socket ti...
- Today, when I try to log in to my AWS account, I receive an error (screenshot attached). Yesterday, everything was working fine. I am the administrator of this AWS account, and currently no one is ab...
- Hi Team, We are building an app with **Mobile Number + OTP Login using** AWS native services. Services Used * Amazon Cognito (OTP/login) * SNS SMS / AWS End User Messaging SMS (Pinpoint) (send OTP...
- IAM roles issues with Amazon Redshift server less, roles are stuck in adding or removing state for more than 30 minutes. How can I fix this?
- We are preparing our product for a paid offering in the AWS marketplace. In order to automatically license our product, we wanted to have a check that it is running from our marketplace listing as des...
- I am running a packer build to create an AMI in two regions across multiple AWS accounts. I have an encrypted multiregional KMS key that allows me to build instances in the east and south region of th...
- I requested a public certificate for a .commerce domain name but got the error that one or more domain name is not a valid public domain. .commerce is a valid TLD now so not sure why this error.
- I’m trying to confirm the billing behavior of Amazon API Gateway when the default execute-api endpoint is disabled (for REST APIs). Disabled endpoint documentation: [https://docs.aws.amazon.com/apigat...
- My hosted zone is correctly configured, as I have been using it for a couple of months now. Double checked with `whois mydomain.com` Previously, I was using "mydomain.com" A record to route traffic to...
- As cloud adoption matures, learning is shifting from service-level knowledge to architecture, automation, and accountability. In your view, which areas should cloud learners focus on for 2026? - Cl...asked 7 days ago
- My application uses AWS Cognito User Pools for authentication (users log in via Cognito and receive tokens). After logging into my app, users see a button “Agent View”. When an agent clicks “Agent V...
- I have a deployment pipeline in AWS Gov account, during the build process I need to access secrets resides in standard AWS account. I tried editing resource permission with following statement, but wh...
- ## The Problem I have an RDS PostgreSQL 16.8 instance in ap-southeast-1 where IAM authentication completely stopped working (or maybe never worked). Every connection attempt with an IAM token fails w...
- Hello everyone, I’m experiencing an issue with Amazon CloudFront where I consistently receive an “Access Denied” error whenever I try to save changes to a CloudFront distribution — even when no chang...
- I want to set up Single Sign-On (SSO) for my Amazon Connect instance using Amazon Cognito as the identity provider. I’m looking for guidance on the required steps, best practices, and any potential pi...
- Region: us-east-1 Namespace: default Problem User: QSEmbedPublisherRole/0001 Issue: - User "QSEmbedPublisherRole/0001" has 125 duplicate entries in QuickSight when doing `aws quicksight list-...
Recent Knowledge Center content
see all1 / 18
Recent articles
see all1 / 18
- AWS OFFICIALUpdated 13 days ago0 votes88 viewsThis article explores how Enterprise Support worked with the customer to design and implement an enterprise-grade SMS messaging solution that supports multiple business units. It also covers strategie...
- AWS OFFICIALUpdated 14 days ago2 votes164 viewsLearn how to integrate Dynatrace with AWS Incident Detection and Response to automate incident response and create context-rich support cases that expedite issue resolution.
Ramu VaranasiEXPERTpublished a month ago0 votes193 viewsWhen using Amazon Bedrock with inference profiles in an AWS environment restricted by Control Tower, you may encounter challenges accessing required regions. This article explains how to maintain secu...- AWS OFFICIALUpdated a month ago0 votes107 viewsThis article shows you how to set up security contacts for your standalone accounts, AWS Organizations, and AWS Partners accounts. It also explains best practices for maintaining effective security no...
- AWS OFFICIALUpdated a month ago0 votes163 viewsThis article tells you guidelines and best practices to follow when implementing port scanning workloads in your AWS environment.
- Purnaresa YEXPERTpublished a month ago0 votes80 viewsA practical guide to implementing external access analysis using CloudFormation StackSets
- Heechan LeeEXPERTpublished 2 months ago1 votes272 viewsThis guide provides step-by-step instructions for configuring SAML-based Single Sign-On between AWS SageMaker Unified Studio and Microsoft Entra ID, enabling users to access SMUS seamlessly using thei...
- AvinashEXPERTpublished 2 months ago1 votes133 viewsPurpose of this article is to offer general guidance on how to troubleshoot issues related to deployment of CrowdStrike Falcon Next-Gen SIEM for AWS through AWS Marketplace. It summarizes common issue...
- Heechan LeeEXPERTpublished 2 months ago0 votes69 viewsThis guide helps diagnose and resolve the "Email not specified" error that occurs during SAML authentication setup for Amazon SageMaker Unified Studio
- Joanna KEXPERTpublished 2 months ago0 votes114 viewsHighlight that WAF on these regional endpoints has visibility of CloudFront viewer IP in the client IP and not just the X-Forwarded-For header
- Heechan LeeEXPERTpublished 2 months ago0 votes162 viewsThis guide provides step-by-step instructions for configuring SAML-based single sign-on (SSO) between Keycloak as an identity provider and Sagemaker Unified Studio
- SubuEXPERTpublished 2 months ago0 votes207 viewsIf a user access key is acquired by a bad actor, we can use this standard operating procedure to safely make the lost access key ineffective
- Purnaresa YEXPERTpublished 2 months ago0 votes402 viewsPrevent credential misuse by restricting IAM User access to approved enterprise networks using Service Control Policies.
- NaveenEXPERTpublished 2 months ago0 votes219 viewsManaging database compliance across multiple AWS accounts is time-consuming and error-prone. This article shows you how to use AWS Config Organization Conformance Packs to automate compliance monitori...
- N_AgarwalEXPERTpublished 2 months ago1 votes385 viewsGoogle Chrome’s deprecation of public TLS certificates with clientAuth Extended Key Usage (EKU), effective April 13, 2026, impacts AWS Certificate Manager (ACM) users importing non-AWS CA certificates...
- AWS OFFICIALUpdated 2 months ago0 votes198 viewsThis article shows how organizations can use AWS Support to accelerate Australian Prudential Regulation Authority (APRA) compliance coverage.
- Hao SuEXPERTpublished 3 months ago0 votes120 viewsThe Default CloudWatch AWS namespace for Cognito does not currently support UserPool ID or App Client ID granularity
- samratmkEXPERTpublished 3 months ago3 votes147 viewsMigrating your AWS account to a new landing zone can lock you out of your Amazon EKS clusters. New SSO permission sets create different role names that break existing access. This guide helps you: -...
Recent selections
see all1 / 10
Dominique MMODERATORpublished 4 months ago1 votes220 viewsThis spotlight on Amazon Cognito equips you with the skills and troubleshooting best practices to get the most out of this cost effective service.- Patrick KennedyEXPERTpublished a year ago0 votes934 viewsThis spotlight on IAM equips you with the skills and troubleshooting tips to get the most out of a powerful service.
- AWS OFFICIALUpdated a month ago9 votes25.5K viewsThe AWS Trust & Safety Center provides curated knowledge of AWS resources that can assist you in your cloud journey.
- Osvaldo MarteEXPERTpublished 2 years ago2 votes18.6K viewsThis selection focuses on the essential AWS networking services, providing a comprehensive overview of tools and technologies available to build and manage secure, scalable, and high-performing networ...
- Antonio LagrotteriaEXPERTpublished 2 years ago4 votes28.1K viewsA selection of architectural patterns and tips to leverage secure cross-account APIs, showing ingress, egress and inspection reference architectures
- Jonathan_DEXPERTpublished 2 years ago4 votes11.9K viewsDo you have critical workloads running in AWS? Review these handpicked resources to find ways to ensure your applications are resilient to failures.
- AWS OFFICIALUpdated 2 years ago0 votes70 viewsThis selection includes content and solutions supporting FSI related compliance and requirements covering security, immutable storage, and general guidance.
- AWS OFFICIALUpdated 2 years ago0 votes80 viewsAs a best practice, AWS recommends that you use AWS Identity and Access Management (IAM) roles instead of IAM users with long-term credentials such as access keys.
- AWS OFFICIALUpdated 2 years ago0 votes22 viewsAccelerate your business transformation goals with a managed service that combines compute, network and storage capabilities in a fully supported, ready-to-run service from VMware and AWS.
- AWS OFFICIALUpdated 2 years ago0 votes7.9K viewsAre you getting 403 Access Denied errors with your Amazon Simple Storage Service (Amazon S3) operations? Review this list of handpicked resources to identify the root cause and troubleshooting instruc...
1 / 18
Riku_Kobayashi
EXPERTGary Mclean
EXPERTsecondabhi_aws
EXPERTOleksii Bebych
EXPERTGreg
EXPERTKidd Ip
EXPERTOsvaldo Marte
EXPERTSedat SALMAN
EXPERTAdeleke Adebowale .J.
EXPERTBehrens, Isaac
EXPERTTushar Jagdale
EXPERTMatt Barbieri
EXPERTAWS-User-alantam
EXPERTIndranil Banerjee AWS
EXPERTTakahito Iwasa
EXPERTMassimilianoAWS
EXPERTGK
EXPERT
Learn AWS faster by following popular topics
1 / 4
