Category: Best Practices

The Center for Internet Security (CIS) is responsible for the CIS Controls and CIS Benchmarks, which are globally recognized best practices for securing IT systems and data. The implementation of these can help harden systems through various means, whether it be disabling unnecessary ports or eliminating unneeded services. Purchasing a pre-hardened image is a great option, especially since you are ensured compliance with the CIS Benchmark, and deploying it would not require much maintenance on your end.

With the general availability of AWS PrivateLink for Amazon S3 released earlier this year, customers can take advantage of private connectivity between S3 and on-premises resources using private IPs from your virtual network. Learn how to leverage interface VPC endpoints (AWS PrivateLink) for Amazon S3 and its integrations with VMware Cloud on AWS, which brings VMware’s enterprise-class software-defined data center software to the AWS Cloud.

OneLogin, an AWS Security Competency Partner, provides an identity platform for secure, scalable, and smart experiences that connects people to technology. Learn about all of the integrations available between OneLogin and AWS. Through these integrations, OneLogin enables you to seamlessly authenticate into AWS managed services across various domains, including analytics, compute, serverless, security, management and governance, and more.

As AWS Control Tower is adopted more and more, it’s important that AWS Consulting Partners within the AWS Solution Provider Program can leverage the multi-account benefits Control Tower offers. Learn how the Solution Provider Program is flexible in the types of customer models it allows. This flexibility serves the end customer’s business needs. However, AWS Partners must take care in how they architect AWS Organizations for their customers, which directly impacts the use of Control Tower.

Capturing, managing, and analyzing costs is an essential part of any SaaS business. Without a firm grasp on the cost profile of your SaaS environment, it will be difficult to assess the tiering and pricing models of your solution. Learn how the Cost Optimization pillar of the AWS Well-Architected SaaS Lens identifies specific best practices that can help you improve the cost profile of a SaaS application. These play a key role in shaping the operational and scaling experience of your SaaS environment.

AWS customers can start transforming their applications and moving towards microservices architecture by utilizing the VMware Cloud on AWS. Learn how to integrate VMware Cloud on AWS with Amazon EKS to accelerate application modernization. Amazon EKS provides a simplified and fully managed Kubernetes platform to effortlessly manage container workloads and deploy microservices-based applications, along with multiple flexible options to publish microservices externally.

Running virtual machines with databases or datastores on VMware Cloud on AWS lets you use the same management tools and VMs as on your on-premises VMware vSphere environment. You can easily extend these workloads to the cloud and take advantage of AWS on-demand delivery, global footprint, elasticity, and scalability. Learn how VMware Cloud on AWS brings these datasets closer to AWS Analytics Services, making it easier to use services to draw meaningful insights from business data.

When it debuted 10 years ago, AWS Identity and Access Management (IAM) supported15 services. Today, it’s woven into the core of everything in the AWS Cloud. Check out the fourth and final blog post celebrating IAM‘s 10th anniversary. Dive deep on the Service Authorization Reference, a comprehensive list of all the permissions in AWS, and explore the AWS CloudTrail userIdentity element that keeps track of who did what.

This is our third blog post celebrating AWS Identity and Access Management (IAM)‘s 10th anniversary. Explore two powerful ways that you can limit access to AWS by setting the boundaries and conditionally provide access to resources in IAM policies. Permissions boundaries can be used for situations like granting someone limited permissions management abilities, while conditions enable you to specify when a policy statement is enforced.

AWS Identity and Access Management (IAM)‘s 10th anniversary continues with Part 2 of our blog series. Writing an IAM policy can be tricky, but don’t feel overwhelmed. Learn how the IAM visual editor helps you create policies by providing helpful documentation and the correct syntax. You’ll also learn why you should use federation due to the short-term credentials made possible by IAM roles. More tips like these can be found throughout our 4-part blog series.