AWS Partner Network (APN) Blog
Tag: Identity and Access Management
Applying Dynamically Generated Isolation Policies in SaaS Environments
As part of adopting a multi-tenant SaaS model, a key challenge is how to provide strong tenant isolation in a cost-effective and scalable manner. Being able to effectively isolate your tenants is an important part of a multi-tenant system. Learn how dynamic policy generation gets applied as part of the overall isolation story of your SaaS solution, and follow along with an AWS reference implementation that demonstrates how to use dynamically generated policies in code.
Resiliency Design Considerations and Best Practices for VMware Cloud on AWS
Customers across different industries and verticals are adopting VMware Cloud on AWS for their production workloads. If you have workloads that you’d like to run with high availability requirements, it’s important to understand the different architectural patterns and configuration options available. Dive deep with AWS experts on key resiliency design considerations and responsibilities for customers leveraging VMware Cloud on AWS.
How to Improve Project Security by Automating and Managing AWS Multi-Account Access
Many enterprise customers improve project security by segregating individual projects, or project environments like DEV or PROD, in separate AWS accounts. Mapping each project or project environment to a unique account provides a clear and easy way to maintain security boundaries and built-in cost accounting. Learn about EGlobalTech’s project-per-account model for accounts that enables users to seamlessly move between their AWS accounts and roles.
Data Tokenization with Amazon Redshift and Protegrity
Many companies are using Amazon Redshift to analyze and transform their data. As data continues to grow and become even more important, they are looking for more ways to extract valuable insights. One use case we’re especially excited to support is that of data tokenization and masking. Amazon Redshift has collaborated with Protegrity, an AWS Advanced Technology Partner, to enable organizations with strict security requirements to protect their data while still being able to obtain powerful insights.
Approaching Least Privilege – IAM Policies with Usage-Based Analytics
AWS customers are increasingly searching for new ways to manage access in a scalable way that maintains the benefits of an agile DevOps delivery model. However, the traditional and highly manual processes for assessing and certifying access quickly demonstrate that they cannot keep up with the speed of DevOps changes. Learn how PwC designs and implements baseline IAM roles for customers while leveraging usage-based analytics to identify overprivileged roles.
How TensorIoT Reduced Delays and the Initial Cost of Deploying Smart City IoT Solutions
Itron Idea Labs has been leveraging IoT devices for decades and using technology in innovative ways, but they faced two major problems in developing solutions for public sector organizations: project delays, and large up-front costs. To overcome these challenges, Itron teamed up with TensorIoT and created a new route to integration in the form of the Itron Manhattan SDK, which gives IoT device manufacturers the ability to integrate their devices into the Itron Idea Labs Cloud and AWS.
Building an Intelligent Contact Center with Zendesk and Amazon Connect
Zendesk and VoiceFoundry released the Amazon Connect app on the Zendesk Marketplace as part of a broader vision for the intelligent contact center of the future. The Amazon Connect app for Zendesk brings together a wide set of capabilities and unlocks endless possibilities for you to empower your agents and better engage your customers. By combining the powers of Amazon Connect and Zendesk, businesses can build a more intelligent contact center.
Rapid Data Lake Development with Data Lake as Code Using AWS CloudFormation
Data lakes have evolved into the single store-platform for all enterprise data managed. On AWS, an integrated set of services is available to engineer and automate data lakes. A data lake on AWS is able to group all of the previously mentioned services of relational and non-relational data and allow you to query results faster and at a lower cost. Learn how nClouds used code automation via AWS CloudFormation to create a dynamic data lake stack to visualize and analyze financial market data.
How to Implement Object-Based Authorization in Serverless Applications Using Amazon Cognito
When building a complex web service such as a serverless application, sooner or later you must deal with permission control. Amazon Cognito is a powerful authentication and authorization service managed by AWS and is often combined with Amazon API Gateway and AWS Lambda to build secure serverless web services. Through the blueprint of an AWS Lambda authorizer, learn how to implement object-based authorization in serverless applications on AWS.
How HeleCloud Used AWS Secrets Manager to Automate Credentials Rotation of MS SQL on Amazon EC2
HeleCloud combines AWS Secrets Manager and the AWS Systems Manager Run Command into a solution that automatically rotates secrets for databases running on Amazon EC2. In addition to automatically rotating your secrets, it allows you to access them in applications running on Amazon EKS. Learn about the HeleCloud solution and walk through the code snippets and steps required to set up automatic credentials rotation of MS SQL Server running on Amazon EC2.