Showing only posts tagged IAM. Show all posts.

Extend AWS IAM roles to workloads outside of AWS with IAM Roles Anywhere

Source

AWS Identity and Access Management (IAM) has now made it easier for you to use IAM roles for your workloads that are running outside of AWS, with the release of IAM Roles Anywhere. This feature extends the capabilities of IAM roles to workloads outside of AWS. You can use …

A sneak peek at the identity and access management sessions for AWS re:Inforce 2022

Source

Register now with discount code SALFNj7FaRe to get $150 off your full conference pass to AWS re:Inforce. For a limited time only and while supplies last. AWS re:Inforce 2022 will take place in-person in Boston, MA, on July 26 and 27 and will include some exciting identity …

IAM policy types: How and when to use them

Source

You manage access in AWS by creating policies and attaching them to AWS Identity and Access Management (IAM) principals (roles, users, or groups of users) or AWS resources. AWS evaluates these policies when an IAM principal makes a request, such as uploading an object to an Amazon Simple Storage …

When and where to use IAM permissions boundaries

Source

Customers often ask for guidance on permissions boundaries in AWS Identity and Access Management (IAM) and when, where, and how to use them. A permissions boundary is an IAM feature that helps your centralized cloud IAM teams to safely empower your application developers to create new IAM roles and …

Build a strong identity foundation that uses your existing on-premises Active Directory

Source

This blog post outlines how to use your existing Microsoft Active Directory (AD) to reliably authenticate access to your Amazon Web Services (AWS) accounts, infrastructure running on AWS, and third-party applications. The architecture we describe is designed to be highly available and extends access to your existing AD to …

How to set up federated single sign-on to AWS using Google Workspace

Source

Organizations who want to federate their external identity provider (IdP) to AWS will typically do it through AWS Single Sign-On (AWS SSO), AWS Identity and Access Management (IAM), or use both. With AWS SSO, you configure federation once and manage access to all of your AWS accounts centrally. With …

How to set up IAM federation using Google Workspace

Source

March 16, 2022: The title and the opening section of this blog post has been updated. Federating your external identity provider (IdP) to AWS is a best practice. The simplest way to federate into AWS is with AWS Single Sign-On (AWS SSO). With AWS SSO, you configure federation once …

How to secure API Gateway HTTP endpoints with JWT authorizer

Source

This blog post demonstrates how you can secure Amazon API Gateway HTTP endpoints with JSON web token (JWT) authorizers. Amazon API Gateway helps developers create, publish, and maintain secure APIs at any scale, helping manage thousands of API calls. There are no minimum fees, and you only pay for …

Security practices in AWS multi-tenant SaaS environments

Source

Securing software-as-a-service (SaaS) applications is a top priority for all application architects and developers. Doing so in an environment shared by multiple tenants can be even more challenging. Identity frameworks and concepts can take time to understand, and forming tenant isolation in these environments requires deep understanding of different …

IAM Access Analyzer makes it easier to implement least privilege permissions by generating IAM policies based on access activity

Source

In 2019, AWS Identity and Access Management (IAM) Access Analyzer was launched to help you remove unintended public and cross account access by analyzing your existing permissions. In March 2021, IAM Access Analyzer added policy validation to help you set secure and functional permissions during policy authoring. Now, IAM …

« newer articles | page 2