Amazon is rolling out automation tools to make it easier to secure applications running on Amazon Web Services. These include automated management of secrets, certificates, firewall policies and compliance data.
The tools, unveiled at AWS Summit in San Francisco on April 4, reflect a philosophy that developers should build security into applications from the beginning, and not bolt protection on after the application is done. Security-as-an-afterthought leads to vulnerabilities, Amazon CTO Werner Vogels said in a keynote at the conference.
AWS Secrets Manager is designed to automate creating, storing and managing secret, such as database credentials, passwords and keys. AWS Certificate Manager, Private Certificate Authority allows developers to provision and manage certificates that are only available to users inside an organization. AWS Firewall Manager centralizes control across multiple AWS accounts and regions. And AWS updated its AWS Config service to aggregate compliance data across accounts and regions.
For more information, see Light Reading: Unknown Document 742018
— Mitch Wagner Editor, Enterprise Cloud, Light Reading