AWS Partner Network (APN) Blog

Category: Security, Identity, & Compliance

How to Enhance the Security and Compliance of Cloud Architectures with Datacom and AWS Services

Security and compliance governance is one of the most challenging problems organizations face when managing their cloud infrastructure. After years of working with AWS, Datacom Group has observed that each client has their own industry-specific security and compliance requirements. What’s needed is a solution that is flexible enough to cater to diverse customer requirements. Datacom’s governance solution is flexible and can integrate with a number of AWS native services to offer enhanced capabilities.

ClearDATA-AWS-Partners

How ClearDATA Enforces Data Locality with AWS IAM Permission Boundaries

For healthcare organizations bound by regulations that require privacy, security, and compliance protections for sensitive healthcare data, ClearDATA provides the peace of mind of automation-forward technology and industry-leading, HITRUST-certified, healthcare-exclusive expertise. Learn how ClearDATA Comply uses the IAM permission boundary feature to automate restricting access to specific AWS regions.

Migration-4

How to Upgrade Large Windows 2008 R2 Workloads in Place

Upgrading legacy systems to the cloud can seem daunting and time-consuming, but with the right combination of AWS Systems Manager, AWS Directory Service, and a few simple AWS Lambda functions, you can upgrade from your outdated Windows environments flawlessly, seamlessly, and at scale. Learn how you can run an in-place upgrade of your Windows 2008 R2 production instances to Windows 2019 R2, and how to control instance tagging so you can orchestrate the root volume replacement process.

AWS-SaaS-Factory-1

Isolating SaaS Tenants with Dynamically Generated IAM Policies

Many SaaS organizations leverage AWS Identity and Access Management (IAM) to define a series of policies and roles that can be used to ensure tenants are not allowed to cross tenant boundaries when accessing resources. To make this work, you have to create separate policies for each tenant which can create an explosion of tenant policies that push the account limits of IAM. Learn how dynamic policy generation creates a more scalable and manageable isolation experience.

Aqua-AWS-Partners

Deploying DevSecOps on Amazon EKS with Aqua Security – Part 2

Aqua Security was built to redefine security and help you address the security skills gap in a rapidly evolving cloud-native landscape, automating security controls at the speed of DevOps. Unlike traditional security, cloud-native security cannot adopt a one-size-fits-all approach. It has to be seamlessly integrated with the existing processes, organizational culture as well as the technology. Learn how to implement a DevSecOps pipeline using AWS CodePipeline and Aqua Platform.

Kion-AWS-Partners-1

Easily Delegate Responsibilities Using AWS Permissions Boundaries and Kion

Permissions boundaries allow admins to delegate permissions to users so they can create new AWS service roles without elevating their own permissions. This removes the need for admins to field requests for these role creations and promotes self-service for users. The ultimate goal is to remove blockers for enhanced productivity. Learn how to pair permissions boundaries with Kion for increased automation and delegation.

Minimizing the PCI Compliance Burden Using Containerization, Microservices, and AWS

Leveraging cloud-based microservices is not a solution that works for everyone or every application, but it’s one more point in favor of transitioning legacy applications to microservices. If you’re already looking to re-architect, consider it an opportunity to spin out regulated data into separate containers. From there, it’s not much more effort to move those containers to AWS. Learn how AWS technologies can help organizations reduce their Payment Card Industry (PCI) compliance burden.

Okta-AWS-Partners

Implementing SAML AuthN for Amazon EMR Using Okta and Column-Level AuthZ with AWS Lake Formation

As organizations continue to build data lakes on AWS and adopt Amazon EMR, especially when consuming data at enterprise scale, it’s critical to govern your data lakes by establishing federated access and having fine-grained controls to access your data. Learn how to implement SAML-based authentication (AuthN) using Okta for Amazon EMR, querying data using Zeppelin notebooks, and applying column-level authorization (AuthZ) using AWS Lake Formation.

Aqua-AWS-Partners

Deploying DevSecOps on Amazon EKS with Aqua Security — Part 1

Customers running their microservices-based applications on Amazon EKS come to Aqua Security looking for guidance about architecting end-to-end CI/CD pipelines using DevSecOps principles. Sometimes called security as code, DevSecOps integrates security best practices into a DevOps pipeline instead of bolting them on at the end. Aqua Security has formulated a security portfolio that provides coverage throughout the application development lifecycle while also securing the underlying infrastructure.

AWS-Single-Sign-On

Enabling Single Sign-On Between OneLogin and AWS

AWS Single Sign-On allows customers to efficiently manage user identities at scale by establishing a single identity and access strategy across their own applications, third-party applications), and AWS environments. Learn about the integration of AWS SSO with OneLogin, an authentication and role-based user provisioning engine that enables organizations to implement least-privilege access controls and eliminate manual user management workflows for all AWS users and accounts.