Enhance CloudFront origin security with WAF and Secrets Manager

When you deliver web content through a CDN such as CloudFront, a best practice is to prevent viewer requests from bypassing the CDN and accessing your origin content directly. In this blog post, you’ll see how to use CloudFront custom headers, AWS WAF, and AWS Secrets Manager to restrict viewer requests from accessing your CloudFront origin resources directly.

October 22, 2020 · 1 min · Cam

Use Lambda@Edge and JSON Web Tokens to Enhance Web Application Security

Amazon Cognito lets you easily add user sign-up and sign-in to your mobile and web applications. In addition, Amazon Cognito supports OAuth 2.0 as an industry standard protocol for authorization, and the sample application in this blog post relies on JSON Web Tokens to authorize access to private content. JSON Web Token (JWT) is a JSON-based open standard for creating access tokens which assert a series of claims as a JSON object....

January 29, 2018 · 1 min · Cam

Enhance the Security of Sensitive Customer Data by Using Amazon CloudFront Field-Level Encryption

CloudFront field-level encryption helps secure sensitive data such as customer phone numbers by adding another security layer to CloudFront HTTPS. Using this functionality, you can help ensure that sensitive information in a POST request is encrypted at CloudFront edge locations. This information remains encrypted as it flows to and beyond your origin servers that terminate HTTPS connections with CloudFront and throughout the application environment. In this blog post, we demonstrate how you can enhance the security of sensitive data by using CloudFront field-level encryption....

December 14, 2017 · 1 min · Cam