Custom policy checks help democratize automated reasoning

New IAM Access Analyzer feature uses automated reasoning to ensure that access policies written in the IAM policy language don’t grant unintended access.

To control access to resources in the Amazon Web Services (AWS) Cloud, customers can author AWS Identity and Access Management (IAM) policies. The IAM policy language is expressive, allowing you to create fine-grained policies that control who can perform what actions on which resources. This control can be used to enforce the principle of least privilege, granting only the permissions required to perform a task.

But how can you verify that your IAM policies meet your security requirements? At AWS’s 2023 re:Invent conference, we announced the launch of IAM Access Analyzer custom policy checks, which help you benchmark policies against your security standards. Custom policy checks abstract away the task of converting policy statements into mathematical formulas, so customers can enjoy the benefits of automated reasoning without expertise in formal logic.

Policy checks in context.png
The role of IAM Access Analyzer custom policy checks in the development pipeline.

The IAM Access Analyzer API CheckNoNewAccess ensures that you do not inadvertently add permissions to a policy when you update it. With the CheckAccessNotGranted API, you can specify critical permissions that developers should not grant in their IAM policies.

We built custom policy checks on an internal AWS service called Zelkova, which uses automated reasoning to analyze IAM policies. Previously, we used Zelkova to build preventative and detective managed controls, such as Amazon S3 Block Public Access and IAM Access Analyzer public and cross-account findings. Now, with the release of custom policy checks, you can set a security standard and prevent policies that do not meet this standard from being deployed.

How does Zelkova work?

Zelkova models the semantics of the IAM policy language by translating policies into precise mathematical expressions. It then uses automated engines called satisfiability modulo theories (SMT) solvers to check properties of the policies. Satisfiability (SAT) solvers check if it is possible to assign true or false values to Boolean variables to satisfy a set of constraints; SMT is a generalization of SAT to include strings, integers, real numbers, or functions. The benefit of using SMT to analyze policies is that it is comprehensive. Unlike tools that simulate or evaluate a policy for a given request or a small set of requests, Zelkova can check properties of a policy for all possible requests.

Consider the following Amazon S3 bucket policy:

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Principal": "*",
         "Action": ["s3:PutObject"],
         "Resource": "arn:aws:s3:::DOC-EXAMPLE-BUCKET"
      }
   ]
}

Zelkova translates this policy into the following formula:

(Action = “s3:PutObject”) 
∧ (Resource = “arn:aws:s3:::DOC-EXAMPLE-BUCKET”)

In this formula, "∧" is the mathematical symbol for “and”. Action and Resource are variables that represent values from any possible request. The formula is true only when a request is allowed by the policy. This precise mathematical representation of a policy is useful because it allows us to answer questions about the policy exhaustively. For example, we can ask if the policy allows public access, and we receive the answer that it does.

For simple policies such as the preceding policy, we could perform manual reviews to determine whether they allow public access: the "Principal": "*" in the policy’s statement means that anyone (the public) is allowed access. But manual review can be error prone and is not scalable.

Alternatively, we could write simple syntactic checks for patterns such as "Principal": "*". However, these syntactic checks can miss the subtleties of policies and the interactions between different parts of a policy. Consider the following modification of the preceding policy, which adds a Deny statement with "NotPrincipal": "123456789012"; the policy still has the pattern "Principal": "*", but it no longer allows public access:

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Principal": "*",
         "Action": ["s3:PutObject"],
         "Resource": "arn:aws:s3:::DOC-EXAMPLE-BUCKET"
      },
      {
         "Effect": "Deny",
         "NotPrincipal": "123456789012",
         "Action": "*",
         "Resource": "*"
      }
   ]
}

With the mathematical representation of policy semantics in Zelkova, we can answer questions about access privileges precisely.

Answering questions with Zelkova

As an example, let’s consider a relatively simple question. With IAM policies, you can grant cross-account access to resources you want to share. For sensitive resources, you’d like to check that cross-account access is not possible.

Suppose we wanted to check whether the preceding policies allow anyone outside my account, 123456789012, to access my S3 bucket. Just as we translated the policy into a mathematical formula, we can translate the question we want to ask (or property we want to check) into a mathematical formula. To check whether all allowed accesses are from my account, we can translate the property to the following formula:

(Principal = 123456789012)

To show that the property holds true for the policy, we can now try to prove that only requests with (Principal = 123456789012) are allowed by the policy. A common trick used in mathematics is to flip the question around. Instead of trying to prove that the property holds, we can prove that it does not hold by finding requests that do not satisfy it — in other words, requests that satisfy (Principal 123456789012). To find such a counterexample, we look for assignments to the variables Principal, Action, and Resource such that the following is true:

(Action = “s3:PutObject”)
∧ (Resource = “arn:aws:s3:::DOC-EXAMPLE-BUCKET”)
∧ (Principal ≠ 123456789012)

Zelkova translates the policy and property into the preceding mathematical formula, and it efficiently searches for counterexamples using SMT solvers. For the preceding formula, the SMT solver can produce a counterexample showing that such access is indeed allowed by the policy (for example, with Principal = 111122223333).

For the previously modified policy with the Deny statement, the SMT solver can also prove that no solution is possible for the resulting formula and that no access is allowed for the policy from outside my account, 123456789012:

(Action = “s3:PutObject”) 
∧ (Resource = “arn:aws:s3:::DOC-EXAMPLE-BUCKET”) 
∧ (Principal = 123456789012) ∧ (Principal ≠ 123456789012)

The Deny statement in the policy with "NotPrincipal": "123456789012" is translated to the constraint (Principal = 123456789012). By inspecting the preceding formula, we can see that it can’t be satisfied: the constraints on Principal from the policy and from the property are contradictory. An SMT solver can prove this and more complicated formulas by exhaustively ruling out solutions.

Custom policy checks

To democratize access to Zelkova, we needed to abstract the construction of mathematical formulas behind a more accessible interface. To that end, we launched IAM Access Analyzer custom policy checks with two predefined checks: CheckNoNewAccess and CheckAccessNotGranted.

With CheckNoNewAccess, you can confirm that you do not accidentally add permissions to a policy when updating it. Developers often start with more-permissive policies and refine them over time toward least privilege. With CheckNoNewAccess, you can now compare two versions of a policy to confirm that the new version is not more permissive than the old version.

Suppose a developer updates the first example policy in this post to disallow cross-account access but at the same time also adds a new action:

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Principal": "123456789012",
         "Action": [ 
            "s3:PutObject",
            "s3:DeleteBucket" 
         ],
         "Resource": "arn:aws:s3:::DOC-EXAMPLE-BUCKET"
      }
   ]
}

CheckNoNewAccess translates the two versions of the policy into formulas Pold and Pnew, respectively. It then searches for solutions to the formula (Pnew ¬Pold) that represent requests that are allowed by the new policy but not allowed by the old policy (“¬” is the mathematical symbol for “not”). Because the new policy allows principals in 123456789012 to perform an action that the old policy did not, the check fails, and a security engineer can review whether this policy change is acceptable.

With CheckAccessNotGranted, security engineers can be more prescriptive by specifying critical permissions to be checked against policy updates. Let’s say we want to ensure that developers are not granting permissions to delete an important bucket. In our previous example, CheckNoNewAccess detected this only because the permission was added with an update. With CheckAccessNotGranted, the security engineer can specify s3:DeleteBucket as a critical permission. We then translate the critical permissions into a formula such as (Action = “s3:DeleteBucket”) and search for requests with that action that are allowed by the policy. Because the preceding policy allows this action, the check fails and that prevents the permission from being deployed.

With the ability to specify critical permissions as parameters to the CheckAccessNotGranted API, you can now check policies against your standards — and not just for canned, broadly applicable checks.

Debugging failures

By democratizing policy checks, without the need for costly and time-consuming manual reviews, custom policy checks help developers move faster. When policies pass the checks, developers can make updates with confidence. If policies fail the checks, IAM Access Analyzer provides additional information so that developers can debug and fix them.

Suppose a developer writes the following identity-based policy:

{
   "Version": "2012-10-17",
   "Statement": [
      {
         "Effect": "Allow",
         "Action": [
            "ec2:DescribeInstance*",
            "ec2:StartInstances", 
            "ec2:StopInstances" 
         ],
         "Resource": "arn:aws:ec2:*:*:instance/*"
      },
      {
         "Effect": "Allow",
         "Action": [ 
            "s3:GetObject*", 
            "s3:PutObject",
            "s3:DeleteBucket" 
         ],
         "Resource": "arn:aws:s3:::DOC-EXAMPLE-BUCKET/*"
      }
   ]
}

Let’s also suppose that a security engineer has specified critical permissions that include s3:DeleteBucket. As described above, CheckAccessNotGranted fails on this policy.

For any given policy, it can sometimes be hard to understand why a check failed. To give developers more clarity, IAM Access Analyzer uses Zelkova to solve additional problems that pinpoint the failure to a specific statement in the policy. For the preceding policy, the check failed with the description "New access in the statement with index: 1". This description indicates that the second statement contains a critical permission.

The key to democratizing automated reasoning is to make it simple to use and easy to specify properties. With additional custom checks, we will continue to enable our customers on their journey to least privilege.

Research areas

Related content

US, MA, North Reading
We are looking for experienced scientists and engineers to explore new ideas, invent new approaches, and develop new solutions in the areas of Controls, Dynamic modeling and System identification. Are you inspired by invention? Is problem solving through teamwork in your DNA? Do you like the idea of seeing how your work impacts the bigger picture? Answer yes to any of these and you’ll fit right in here at Amazon Robotics. We are a smart team of doers that work passionately to apply cutting edge advances in robotics and software to solve real-world challenges that will transform our customers’ experiences in ways we can’t even imagine yet. We invent new improvements every day. We are Amazon Robotics and we will give you the tools and support you need to invent with us in ways that are rewarding, fulfilling and fun. Key job responsibilities Applied Scientists take on big unanswered questions and guide development team to state-of-the-art solutions. We want to hear from you if you have deep industry experience in the Mechatronics domain and : * the ability to think big and conceive of new ideas and novel solutions; * the insight to correctly identify those worth exploring; * the hands-on skills to quickly develop proofs-of-concept; * the rigor to conduct careful experimental evaluations; * the discipline to fast-fail when data refutes theory; * and the fortitude to continue exploring until your solution is found We are open to hiring candidates to work out of one of the following locations: North Reading, MA, USA | Westborough, MA, USA
IL, Tel Aviv
Are you passionate about pushing the boundaries of computer vision, generative AI, deep learning, and machine learning? Ready to tackle challenges in document understanding at scale? We’re looking for innovative minds to join our world-class team at AWS, where you’ll collaborate with leading researchers, academics, and engineers on Amazon Textract. Why AWS? Be part of the leading cloud service provider powering innovation and positive impact. Work on real-world problems alongside tech and business giants. Access to unlimited data and computational resources. Collaborate with world-class researchers and developers. Deploy solutions at AWS scale and publish your work at top conferences. Focus Areas: - LLMs, document understanding, scene text recognition. - Visual question answering, NLP+vision, layout understanding. Locations: Tel Aviv and Haifa Think you’re a fit? Dive into the world of AWS Computer Vision and help us innovate at the forefront of technology. Key job responsibilities - Design cutting-edge neural network architectures. - Create document understanding solutions for complex scenarios and large visual datasets. - Set benchmarks and success criteria for model performance. - Collaborate across AWS and Amazon to bring scientific breakthroughs to our customers. - Add your unique creativity to our multidisciplinary team. - Mentor junior scientists and interns/PhD students. We are open to hiring candidates to work out of one of the following locations: Haifa, ISR | Tel Aviv, ISR
US, CA, Santa Clara
Amazon AI is looking for world class scientists and engineers to join its AWS AI Labs. This group is entrusted with developing core data mining, natural language processing, deep learning, and machine learning algorithms for AWS. You will invent, implement, and deploy state of the art machine learning algorithms and systems. You will build prototypes and explore conceptually new solutions. You will interact closely with our customers and with the academic community. You will be at the heart of a growing and exciting focus area for AWS and work with other acclaimed engineers and world famous scientists. Inclusive Team Culture Here at AWS, we embrace our differences. We are committed to furthering our culture of inclusion. We have ten employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We have innovative benefit offerings, and host annual and ongoing learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences. Work/Life Balance Our team puts a high value on work-life balance. It isn’t about how many hours you spend at home or at work; it’s about the flow you establish that brings energy to both parts of your life. We believe striking the right balance between your personal and professional life is critical to life-long happiness and fulfillment. We offer flexibility in working hours and encourage you to find your own balance between your work and personal lives. Mentorship & Career Growth Our team is dedicated to supporting new members. We have a broad mix of experience levels and tenures, and we’re building an environment that celebrates knowledge sharing and mentorship. Our senior members enjoy one-on-one mentoring and thorough, but kind, code reviews. We care about your career growth and strive to assign projects based on what will help each team member develop into a better-rounded engineer and enable them to take on more complex tasks in the future. We are open to hiring candidates to work out of one of the following locations: New York, NY, USA | Santa Clara, CA, USA | Seattle, WA, USA
LU, Luxembourg
Have you ever wished to build high standard Operations Research and Machine Learning algorithms to optimize one of the most complex logistics network? Have you ever ordered a product on Amazon websites and wondered how it got delivered to you so fast, and what kinds of algorithms & processes are running behind the scenes to power the whole operation? If so, this role is for you. The team: Global transportation services, Research and applied science - Operations is at the heart of the Amazon customer experience. Each action we undertake is on behalf of our customers, as surpassing their expectations is our passion. We improve customer experience through continuously optimizing the complex movements of goods from vendors to customers throughout Europe. - Global transportation analytical teams are transversal centers of expertise, composed of engineers, analysts, scientists, technical program managers and developers. We are focused on Amazon most complex problems, processes and decisions. We work with fulfillment centers, transportation, software developers, finance and retail teams across the world, to improve our logistic infrastructure and algorithms. - GTS RAS is one of those Global transportation scientific team. We are obsessed by delivering state of the art OR and ML tools to support the rethinking of our advanced end-to-end supply chain. Our overall mission is simple: we want to implement the best logistics network, so Amazon can be the place where our customers can be delivered the next-day. The role: Applied scientist, speed and long term network design The person in this role will have end-to-end ownership on augmenting RAS Operation Research and Machine Learning modeling tools. They will help understand where are the constraints in our transportation network, and how we can remove them to make faster deliveries at a lower cost. You will be responsible for designing and implementing state-of-the-art algorithmic in transportation planning and network design, to expand the scope of our Operations Research and Machine Learning tools, to reflect the constantly evolving constraints in our network. You will enable the creation of a product that drives ever-greater automation, scalability and optimization of every aspect of transportation, planning the best network and modeling the constraints that prevent us from offering more speed to our customer, to maximize the utilization of the associated resources. The impact of your work will be in the Amazon EU global network. The product you will build will span across multiple organizations that play a role in Amazon’s operations and transportation and the shopping experience we deliver to customer. Those stakeholders include fulfilment operations and transportation teams; scientists and developers, and product managers. You will understand those teams constraints, to include them in your product; you will discuss with technical teams across the organization to understand the existing tools and assess the opportunity to integrate them in your product.You will engage with fellow scientists across the globe, to discuss the solutions they have implemented and share your peculiar expertise with them. This is a critical role and will require an aptitude for independent initiative and the ability to drive innovation in transportation planning and network design. Successful candidates should be able to design and implement high quality algorithm solutions, using state-of-the art Operations Research and Machine Learning techniques. Key job responsibilities - Engage with stakeholders to understand what prevents them to build a better transportation network for Amazon - Review literature to identify similar problems, or new solving techniques - Build the mathematical model representing your problem - Implement light version of the model, to gather early feed-back from your stakeholders and fellow scientists - Implement the final product, leveraging the highest development standards - Share your work in internal and external conferences - Train on the newest techniques available in your field, to ensure the team stays at the highest bar About the team GTS Research and Applied Science is a team of scientists and engineers whom mission is to build the best decision support tools for strategic decisions. We model and optimize Amazon end-to-end operations. The team is composed of enthusiastic members, that love to discuss any scientific problem, foster new ideas and think out of the box. We are eager to support each others and share our unique knowledge to our colleagues. We are open to hiring candidates to work out of one of the following locations: Luxembourg, LUX
IN, KA, Bengaluru
Job Description ATE (Analytics, Technology and Engineering) is a multi-disciplinary team of scientists, engineers, and technicians, all working to innovate in operations for the benefit of our customers. Our team is responsible for creating core analytics, science capabilities, platforms development and data engineering. We develop scalable analytics applications and research modeling to optimize operation processes.. You will work with professional software development managers, data engineers, data scientists, applied scientists, business intelligence engineers and product managers using rigorous quantitative approaches to ensure high quality data tech products for our customers around the world, including India, Australia, Brazil, Mexico, Singapore and Middle East. We are on the lookout for an enthusiastic and highly analytical individual to be a part of our journey. Amazon is growing rapidly and because we are driven by faster delivery to customers, a more efficient supply chain network, and lower cost of operations, our main focus is in the development of strategic models and automation tools fed by our massive amounts of available data. You will be responsible for building these models/tools that improve the economics of Amazon’s worldwide fulfillment networks in emerging countries as Amazon increases the speed and decreases the cost to deliver products to customers. You will identify and evaluate opportunities to reduce variable costs by improving fulfillment center processes, transportation operations and scheduling, and the execution to operational plans. You will also improve the efficiency of capital investment by helping the fulfillment centers to improve storage utilization and the effective use of automation. Finally, you will help create the metrics to quantify improvements to the fulfillment costs (e.g., transportation and labor costs) resulting from the application of these optimization models and tools. Major responsibilities include: · In this role, you will be responsible for developing and implementing innovative, scalable models and tools aimed at tackling novel challenges within Amazon’s global fulfillment network. Collaborating with fellow scientists from various teams, you will work on integrated solutions to enhance fulfillment speed, reduce costs. Your in-depth comprehension of business challenges will enable you to provide scientific analyses that underpin critical business decisions, utilizing a diverse range of methodologies. You’ll have the opportunity to design scientific tool platforms, deploy models, create efficient data pipelines, and streamline existing processes. Join us in shaping the future of Amazon’s global retail business by optimizing delivery speed at scale and making a lasting impact on the world of e-commerce. If you’re passionate about solving complex problems and driving innovation, we encourage you to apply. About the team This team is responsible for applying science based algo and techniques to solve the problems in operation and supply chain. Some of these problems include, volume forecasting, capacity planning, fraud detection, scenario simulation and using LLM/GenAI for process efficiency We are open to hiring candidates to work out of one of the following locations: Bengaluru, KA, IND
DE, BE, Berlin
Are you excited about developing state-of-the-art computer vision models that revolutionize Amazon’s Fulfillment network? Are you looking for opportunities to apply AI on real-world problems at truly vast scale? At Amazon Fulfillment Technologies and Robotics, we are on a mission to build high-performance autonomous systems that perceive and act to further improve our world-class customer experience — at Amazon scale. To this end, we are looking for an Applied Scientist who will build and deploy models that make smarter decisions on a wide array of multi-modal signals. Together, we will be pushing beyond the state of the art in optimizing one of the most complex systems in the world: Amazon's Fulfillment Network. Key job responsibilities In this role, you will build computer vision and multi-modal deep learning models that understand the state of products and packages flowing through Amazon’s fulfillment network. You will build models that solve challenging problems like product identification and damage detection on Amazon's entire retail catalog (billions of different items, thousands of new items every day). You will primarily work with very large real-world vision datasets, as well as a diverse set of multi-modal datasets, including natural language and structured data. You will face a high level of research ambiguity and problems that require creative, ambitious, and inventive solutions. A day in the life AFT AI delivers the AI solutions that empower Amazon’s fulfillment network to make smarter decisions. You will work on an interdisciplinary team of scientists and engineers with deep expertise in developing cutting-edge AI solutions at scale. You will work with images, videos, natural language, and sequences of events from existing or new hardware. You will adapt state-of-the-art machine learning and computer vision techniques to develop solutions for business problems in the Amazon Fulfillment Network. About the team Amazon Fulfillment Technologies (AFT) powers Amazon’s global fulfillment network. We invent and deliver software, hardware, and science solutions that orchestrate processes, robots, machines, and people. We harmonize the physical and virtual world so Amazon customers can get what they want, when they want it. AFT AI is spread across multiple locations in NA (Bellevue WA and Nashville, TN) and Europe (Berlin, Germany). We are hiring candidates to work out of the Berlin location. Publicly available articles showcasing some of our work: - Damage Detection: https://www.amazon.science/latest-news/the-surprisingly-subtle-challenge-of-automating-damage-detection - Product ID: https://www.amazon.science/latest-news/how-amazon-robotics-is-working-on-new-ways-to-eliminate-the-need-for-barcodes We are open to hiring candidates to work out of one of the following locations: Berlin, BE, DEU
US, WA, Seattle
Here at Amazon, we embrace our differences. We are committed to furthering our culture of diversity and inclusion of our teams within the organization. How do you get items to customers quickly, cost-effectively, and—most importantly—safely, in less than an hour? And how do you do it in a way that can scale? Our teams of hundreds of scientists, engineers, aerospace professionals, and futurists have been working hard to do just that! We are delivering to customers, and are excited for what’s to come. Check out more information about Prime Air on the About Amazon blog (https://www.aboutamazon.com/news/transportation/amazon-prime-air-delivery-drone-reveal-photos). If you are seeking an iterative environment where you can drive innovation, apply state-of-the-art technologies to solve real world delivery challenges, and provide benefits to customers, Prime Air is the place for you. Come work on the Amazon Prime Air Team! Prime Air is seeking an experienced Research Scientist in the Flight Sciences High-Fidelity Methods (HFM) team within Flight Sciences, you will develop and verify aerodynamics models used for engineering analyses and vehicle simulation. These models are the backbone of every flight simulation performed within Prime Air and are a critical element in the aircraft design, verification and certification process. These models are used to predict many attributes of the vehicle performance including range, maneuverability, tracking error, and aircraft stability. They are a key input to design decisions, vehicle component sizing and flight software algorithm development. The accuracy and reliability of these flight model are critical to the success of Prime Air. For this role we are looking for a scientist to develop surrogate or machine learning models to represent the complex aerodynamic behavior of our drones. This scientist will develop techniques to validate these models using flight testing, quantify the model uncertainty, and assess the impact of this uncertainty on downstream engineering analyses. Key job responsibilities A Research Scientist in this role is responsible for owning the development, deployment, verification, and maintenance of models from end-to-end. This includes the initial gathering of the downstream customer needs, identifying the most suitable modelling approach, coordinating the generation of input data, training models, developing and maintaining software interfaces, and verifying the model accuracy. A Research Scientist in this role is responsible for determining the most suitable modeling approach for a given physical phenomena. They need to possess knowledge of various machine learning techniques, and their respective advantages and limitations. They will need to have a detailed understanding of the types of physics to be modelled including vehicle aerodynamics, multibody dynamics, and atmosphere physics. This role is responsible for designing experiments for generating data used to train and verify surrogate models. They need to have a basic understanding of the methods used to generate high-fidelity aerodynamics predictions including CFD, wind tunnel testing, and flight testing. They will be responsible for validating the models by leveraging uncertainty quantification, system identification, and statical analyses. Export Control License This position may require a deemed export control license for compliance with applicable laws and regulations. Placement is contingent on Amazon’s ability to apply for and obtain an export control license on your behalf. A day in the life A Research Scientist in the High-Fidelity Methods (HFM) team will have the opportunity to work on a wide variety of tasks. The ideal candidate should be adaptable and thrive in an everchanging environment. Depending on the phase of model or vehicle development, a typical day might consist of reading research papers on machine learning techniques, developing test plans for wind tunnel testing, writing code to train and verify models, reviewing flight test results, or writing documentation. We are open to hiring candidates to work out of one of the following locations: Seattle, WA, USA
US, WA, Redmond
Project Kuiper is an initiative to launch a constellation of Low Earth Orbit satellites that will provide low-latency, high-speed broadband connectivity to unserved and underserved communities around the world. We are searching for talented candidates with experience in spaceflight trajectory modeling and simulation, orbit mechanics, and launch vehicle mission planning. Key job responsibilities This position requires experience in simulation and analysis of astrodynamics models and spaceflight trajectories. Strong analysis skills are required to develop engineering studies of complex large-scale dynamical systems. This position requires demonstrated expertise in computational analysis automation and tool development. Working with the Kuiper engineering team, you will: - Develop modeling techniques for analysis and simulation of deployment dynamics of multiple satellites - Support Project Kuiper’s Launch Vehicle Mission Management team with technical expertise in Launch Vehicle trajectory requirements specification - Develop tools to support Mission Management planning for over 80 launches! - Work collaboratively with launch vehicle system technical teams Export Control Requirement: Due to applicable export control laws and regulations, candidates must be a U.S. citizen or national, U.S. permanent resident (i.e., current Green Card holder), or lawfully admitted into the U.S. as a refugee or granted asylum. We are open to hiring candidates to work out of one of the following locations: Redmond, WA, USA
US, WA, Seattle
Innovators wanted! Are you an entrepreneur? A builder? A dreamer? This role is part of an Amazon Special Projects team that takes the company’s Think Big leadership principle to the extreme. We focus on creating entirely new products and services with a goal of positively impacting the lives of our customers. No industries or subject areas are out of bounds. If you’re interested in innovating at scale to address big challenges in the world, this is the team for you. Here at Amazon, we embrace our differences. We are committed to furthering our culture of inclusion. We have thirteen employee-led affinity groups, reaching 40,000 employees in over 190 chapters globally. We are constantly learning through programs that are local, regional, and global. Amazon’s culture of inclusion is reinforced within our 16 Leadership Principles, which remind team members to seek diverse perspectives, learn and be curious, and earn trust. As a Applied Scientist at the intersection of machine learning and the life sciences, you will participate in developing exciting products for customers. Our team rewards curiosity while maintaining a laser-focus in bringing products to market. Competitive candidates are responsive, flexible, and able to succeed within an open, collaborative, entrepreneurial, startup-like environment. At the cutting edge of both academic and applied research in this product area, you have the opportunity to work together with a diverse and talented team of scientists, engineers, and product managers and collaborate with others teams. We are open to hiring candidates to work out of one of the following locations: Seattle, WA, USA
US, WA, Bellevue
As a Principal Research Scientist in the Amazon Artificial General Intelligence (AGI) Data Services organization, you will be responsible for sourcing and quality of massive datasets powering Amazon's AI. You will play a critical role in driving innovation and advancing the state-of-the-art in natural language processing and machine learning. You will be responsible for developing and implementing cutting-edge algorithms and techniques to extract valuable insights from large-scale data sources. You will work closely with cross-functional teams, including product managers, engineers, and data scientists to ensure that our AI systems are aligned with human policies and preferences. Key job responsibilities - Responsible for sourcing and quality of massive datasets powering Amazon's AI. - Collaborate with cross-functional teams to ensure that Amazon’s AI models are aligned with human preferences. - Develop and implement strategies to improve the efficiency and effectiveness of programs delivering massive datasets. - Identify and prioritize research opportunities that have the potential to significantly impact our AI systems. - Communicate research findings and progress to senior leadership and stakeholders. We are open to hiring candidates to work out of one of the following locations: Bellevue, WA, USA | Boston, MA, USA