AWS Security Announcements

Within one day, Amazon Web Services (AWS) announced two important security features: AWS Virtual Private Cloud and Multi-Factor Authentication. This is good to hear – and shows two things in my opinion:

  • Security is beginning to drive Amazon’s roadmap
  • Amazon considers hybrid deployments, i.e. the combination of internal IT with public clouds,  as an important scenario for cloud adoption in the enterprise market.
VPC (Source: Amazon)

VPC (Source: Amazon)

The VPC is effectively extending the perimeter of the customers’ datacenters into the public cloud. Amazon speaks of isolation at the network level. I wonder if they can guarantee that instances running on the VPC do not share virtual machines with other instances outside the VPC. It would be great to provide isolation at the AMI instance level as well to avoid problems of side channel attacks between images executing on the same virtual machine, such as the attacks described here.

Update from Amazon:  “We don’t make any such guarantee at present. Over time, if customers ask for this, we’ll certainly do our best to meet their needs.

Since Chrismas is approaching fast, two things I would like to add on my wishlist:

  • it would be great to know more about the traffic isolation within VPC
  • to be able to use security groups on VPC as well

More reading on Amazon’s recent security announcements:

About these ads

One thought on “AWS Security Announcements

  1. Pingback: Amazon VPC Brief Analysis « Elastic Security

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s