Posted On: Aug 12, 2021
AWS Innovation Sandbox provisions isolated, self-contained environments to help developers, security professionals, and infrastructure teams securely evaluate, explore, and build proof-of-concepts (POCs) using AWS services and third-party applications that run on AWS.
The sandbox environment implements security controls to manage access and permissions through a browser-based Amazon AppStream 2.0 connection, minimizing the risk of data exfiltration from the user’s network environment.
This solutions implementation includes the following key features:
- Account isolation: Create sandbox accounts within an existing AWS Organizations organization, with networking isolation to keep existing accounts secure.
- Secure guardrails: Secure controls with custom AWS Identity and Access Management (IAM) roles to allow users to experiment freely while restricting administrative changes to the sandbox account.
- Detective controls: Amazon CloudTrail logs are activated, stored, and secured to ensure auditing of sandbox activities.
- Data movement restrictions: Prevents users from uploading data directly from their local machines. Data access is controlled by AWS Innovation Sandbox administrators.
This solution also creates IAM roles that grant elevated access to the sandbox account for environment customization, as needed. To learn more and get started, please visit the solutions implementation web page.
AWS Solutions Implementations help you solve common problems and build faster using the AWS platform. Additional AWS Solutions Implementations are available on the AWS Solutions Implementations web page, where you can browse technical reference implementations that are vetted by AWS architects, offering detailed architecture and instructions for deployment.