AWS Public Sector Blog
Tag: AWS IAM
How to create a cybersecurity analytics platform with AWS analytics and machine learning
Cybersecurity analytics is a systematic methodology designed to collect, ingest, process, aggregate, and analyze security events. This methodology empowers organizations to proactively perform security investigations, powered by advanced analytics and machine learning (ML), which help mitigate cyber issues more effectively and efficiently at scale. Learn about the core components of a cybersecurity analytics framework and how organizations can use AWS to design a cybersecurity analytics platform with analytics and ML services.
AWS announces low-to-no cost security services for federal political campaigns and committees
It is essential for election campaigns and committees to have access to the latest security services so they can mitigate risks against security threats at minimal cost. To support this, AWS is collaborating with Defending Digital Campaigns (DDC) to offer more than 20 cybersecurity-related AWS services for low-to-no cost to all active and registered national party committees and federal candidate committees for the US House and US Senate midterm elections that are eligible in accordance with DDC and Federal Election Commission (FEC) criteria.
How nonprofits can automate tax-exempt status across AWS accounts
Many nonprofits and other tax-exempt organizations need to make sure their tax status is correct across their Amazon Web Services (AWS) accounts. A new tax analyzer solution automatically detects the tax status of all AWS accounts across an organization. In this blog post, discover how this simple solution identifies which AWS accounts across an organization are paying sales tax, and learn how this solution can quickly remediate tax status by opening an AWS support case automatically.
Elevating cloud security to address regulatory requirements for security and disaster recovery
Learn how you can build a foundation of security objectives practices, including a business continuity and disaster recovery plan, that can be adapted to meet a dynamic policy environment and support the missions of national computer security incident response teams (CSIRT), operators of essential services (OES), digital service providers (DSP), and other identified sector organizations.
Dr. B helps with equitable vaccine distribution using AWS
Healthcare organization Dr. B launched to get as many COVID-19 vaccines into as many arms as possible. To achieve its mission to make access to care—specifically the COVID-19 vaccine—more efficient and equitable, the company created a serverless solution built on Amazon Web Services (AWS).
How to migrate on-premises workloads with AWS Application Migration Service
AWS Application Migration Service (MGN) is a highly automated lift-and-shift solution, which works by replicating your on-premises (physical or virtual) and/or cloud servers into your AWS account. When you’re ready, AWS MGN automatically converts and launches your servers on AWS so you can quickly benefit from the cost savings, productivity, resilience, and agility of the cloud. This guide teaches you how to migrate a content management system platform (CMS), based on an example with WordPress, running on a simulated on-premises environment to AWS Cloud, using MGN.
Sharing SAS data with Athena and ODBC
If you share data with other researchers, especially if they are using a different tool, you can quickly run into version issues, not knowing which file is the most current. Rather than sending data files everywhere, AWS offers a simple way to store your data in one central location so that you can read your data into SAS and still share it with other colleagues. In this blog post, I will explain how to export your data, store it in AWS, and query the data using SAS.
Modern data engineering in higher ed: Doing DataOps atop a data lake on AWS
Modern data engineering covers several key components of building a modern data lake. Most databases and data warehouses, to an extent, do not lend themselves well to a DevOps model. DataOps grew out of frustrations trying to build a scalable, reusable data pipeline in an automated fashion. DataOps was founded on applying DevOps principles on top of data lakes to help build automated solutions in a more agile manner. With DataOps, users apply principles of data processing on the data lake to curate and collect the transformed data for downstream processing. One reason that DevOps was hard on databases was because testing was hard to automate on such systems. At California State University Chancellors Office (CSUCO), we took a different approach by residing most of our logic with a programming framework that allows us to build a testable platform. Learn how to apply DataOps in ten steps.
Enabling SAML 2.0 federation with AWS IAM Identity Center and AWS GovCloud (US)
AWS IAM Identity Center helps administrators centrally manage access to multiple AWS accounts that are members of an AWS Organization. End users can authenticate and then access all their AWS accounts from a single interface. Using IAM Identity Center as a SAML identity provider for your AWS accounts also has security benefits: user credentials provided via federation are temporary. IAM Identity Center does not automatically detect AWS GovCloud (US) accounts associated with standard AWS accounts in your AWS Organization. IAM Identity Center is also not currently available in AWS GovCloud (US). As a result, IAM Identity Center cannot be used to automatically provision access for your users into an AWS GovCloud (US) account. However, this functionality can be extended to enable federation into AWS GovCloud (US) with a “custom SAML 2.0 application” in IAM Identity Center.
How public sector security teams can use serverless technologies to improve outcomes
Serverless applications are typically discreet pieces of code that customers can use to manage security-related processes or stitch together multiple AWS services to solve a larger problem. They allow customers to build and run applications and services without dealing with infrastructure management tasks such as server or cluster provisioning, patching, operating system maintenance, and capacity provisioning. In this blog, I explain the serverless computing model, the Serverless Application Repository (SAR), solution constructs and implementations, why they matter to our government customers, and how they can use them to solve common problems.