AWS Partner Network (APN) Blog
Tag: AWS Organizations
Identify and Eliminate Risks on AWS IAM and Secure Data Stores Using Sonrai Dig
With the move to cloud, there has been a paradigm shift in how we protect our most valuable asset—data. Learn the importance of building a complete and accurate risk profile, which consists of your identity and data relationships. You’ll also learn how it’s critical to protect the sensitive, private, and confidential data. Sonrai Dig graphically maps all of your identities and determines their effective permissions, allowing you to get to least privilege across your entire AWS environment.
How to Automate Cost and Performance Improvement Through gp3 Upgrades Using AWS Systems Manager
Automatically identifying and upgrading existing SSD volumes to take advantage of the new gp3 general purpose volumes for Amazon EBS can help organizations reduce storage costs. Learn how to upgrade your existing gp2 volumes, without interruption, to the next generation of general purpose SSD volumes using AWS Systems Manager. This a core component of nubeGo’s Cloud Managed Service (NCMS) which helps customers automate cost savings, security guardrails, and compliance requirements with minimal effort.
Creating an Equitable Enterprise AWS Chargeback Model Using CloudHealth
Most enterprises go through the process of monthly chargeback (cost allocation) of their AWS costs to internal business units or cost centers. The AWS Cost and Usage Report can provide the flexibility needed to create detailed custom billing rules. Learn how VMware implemented an equitable chargeback model using CloudHealth’s FlexReports, a simple solution for companies that have multiple Payers or just want to implement custom billing rules quickly.
How Tech Mahindra Approaches Cost Optimization and Governance Using AWS Native Services
Cloud cost governance ensures customers are availing all potential services, tools, and resources to continuously track, optimize, and control their overall cloud spend. Learn how Tech Mahindra achieved one customer’s goal of cloud finance using cost management best practices along with AWS native tools and techniques. Tech Mahindra worked closely with the customer’s IT, engineering, and finance teams to understand their existing cloud governance model and issues.
How to Integrate AWS Single Sign-On with MongoDB Atlas
MongoDB Atlas is the global cloud database service for modern applications, and in this post learn how to configure MongoDB Atlas to authenticate using AWS Single Sign-On (AWS SSO). Instead of having to sign in separately to MongoDB Atlas Control Plane, with this configuration enabled users can access the MongoDB Atlas user interface with their corporate credentials using AWS SSO. This delivers a better user experience without the need for managing separate sets of credentials.
How to Improve Project Security by Automating and Managing AWS Multi-Account Access
Many enterprise customers improve project security by segregating individual projects, or project environments like DEV or PROD, in separate AWS accounts. Mapping each project or project environment to a unique account provides a clear and easy way to maintain security boundaries and built-in cost accounting. Learn about EGlobalTech’s project-per-account model for accounts that enables users to seamlessly move between their AWS accounts and roles.
Account and VPC Considerations for VMware Cloud on AWS
When VMware Cloud on AWS is connected to the connected VPC, it always uses the default VPC route table in the VPC. During the deployment phase of VMware Cloud on AWS, the Software Defined Data Center is connected to an AWS (or customer) account for seamless access to native AWS services. In this post, we provide guidance on which AWS account and respective VPC to connect VMware Cloud on AWS to take advantage of native AWS service integrations.
Approaching Least Privilege – IAM Policies with Usage-Based Analytics
AWS customers are increasingly searching for new ways to manage access in a scalable way that maintains the benefits of an agile DevOps delivery model. However, the traditional and highly-manual processes for assessing and certifying access quickly demonstrates they cannot keep up with the speed of DevOps changes. Learn how PwC designs and implements baseline IAM roles for customers while leveraging usage-based analytics to identify overprivileged roles.
How BriteCore Improved Security and Scalability by Migrating Insurance Workloads with AWS Landing Zone
BriteCore was originally designed as an on-premises data center-based monolith; a state-of-the-art core insurance solution. However, the business agility, cost savings, and increased security of the cloud made it clear the insurance industry had to migrate. Learn how BriteCore used AWS Landing Zone to deliver a modern administrative system for Property & Casualty insurance that could be more agile, scale better, and be more secure than on-premises infrastructure.
Architecting Successful SaaS: Interacting with Your SaaS Customer’s Cloud Accounts
Explore several common AWS services and architectural patterns used by SaaS vendors to interact with their customers’ cloud accounts. Examples of SaaS products requiring some level of account interaction often fall into the categories of logging and monitoring, security, compliance, data analytics, DevOps, workflow management, and resource optimization. SaaS products, such as the ones in these categories, regularly interact with resources in the subscribing customer’s AWS account.