Showing only posts by Anandprasanna Gaitonde.

Governing and securing AWS PrivateLink service access at scale in multi-account environments

Amazon Web Services (AWS) customers have been adopting the approach of using AWS PrivateLink to have secure communication to AWS services, their own internal services, and third-party services in the AWS Cloud. As these environments scale, the number of PrivateLink connections outbound to external services and inbound to internal …

Control VPC sharing in an AWS multi-account setup with service control policies

Amazon Web Services (AWS) customers who establish shared infrastructure services in a multi-account environment through AWS Organizations and AWS Resource Access Manager (RAM) may find that the default permissions assigned to the management account are too broad. This may allow organizational accounts to share virtual private clouds (VPCs) with …