AWS Partner Network (APN) Blog
Category: Security
Managing SaaS Identity Through Custom Attributes and Amazon Cognito
Identity is a fundamental design decision that software as a service (SaaS) architects must consider when developing a multi-tenant system. Developers who are building SaaS applications must be able to identify a user, the tenant associated with the user, the user’s permissions, and the relationship a tenant has with the provider, such as usage plan or tier. In this post for SaaS Technology Partners, I will explore how to architect a multi-tenant system and identify tenant context and role using Amazon Cognito.
Read MoreNext-Gen Managed Services Security: Social Engineering
APN Partners new to managed services often have questions about how to protect their customers from social engineering attacks and how to best test themselves to meet APN Program requirements. In the same way a traditional MSP is responsible for the physical security of your datacenter, a next-gen MSP is a customer’s trusted resource for helping maintain their portion of the Shared Responsibility Model. Instead of physical keys, the MSP is their customer’s gatekeepers into the cloud.
Read MoreWrap Up: Cross-Account Role Onboarding Workflow
By Ian Scofield. Ian is a Partner Solutions Architect (SA) at AWS. Over the course of three blog posts (Parts 1, 2, and 3), we’ve been discussing a new way for APN Partners to onboard customers, focusing on the creation of cross-account roles. Throughout this series, we’ve proposed the usage of AWS CloudFormation for the […]
Read MoreCollecting Information from AWS CloudFormation Resources Created in External Accounts with Custom Resources
By Erin McGill. Erin is a Partner Solutions Architect (SA) at AWS. Throughout this series, we’ve talked about easing cross-account role creation with AWS CloudFormation and a custom stack URL. We’ve also discussed how to dynamically generate CloudFormation templates to populate a unique external ID. But once your cross-account role is created, how does the […]
Read MoreAnnouncing the Security Competency for APN Consulting Partners
Recognizing APN Consulting Partners who provide deep technical and consulting expertise helping enterprises adopt, develop, and deploy complex security projects. Security is the top priority at AWS. Under the AWS shared responsibility model, AWS provides a global secure infrastructure and foundation compute, storage, networking and database services, as well as higher level services. While AWS […]
Read MoreGenerating Custom AWS CloudFormation Templates with Lambda to Create Cross-Account Roles
Ian Scofield is a Partner Solutions Architect (SA) at AWS. In a previous post in our series, we showed how to use an AWS CloudFormation launch stack URL to help customers create a cross-account role in their AWS account. As mentioned in an earlier APN Blog post, a cross-account role is the recommended method to […]
Read MoreShift Security Left through DevSecOps
Fusing application development with integrated, automated security processes By Christian Lachaux, AABG Security Lead, Accenture; Federico Tandeter, Cloud Security Offering Development Lead, Accenture. Accenture is a Premier APN Consulting Partner and AWS MSP who holds a number of AWS Competencies, including Migration. Development+Security+Operations, better known as DevSecOps, is revolutionizing application development by integrating automated security […]
Read MorePartner SA Roundup – March 2017
For this month’s Partner SA roundup, AWS Partner SAs Pratap Ramamurthy, Juan Villa, and Scott Ward discuss three APN Technology Partners: SoftNAS, Threat Stack, and Zscaler. Let’s dive in! SoftNAS, by Juan Villa Deploying and managing high performance and highly available NAS/SAN solutions can be difficult and error prone. SoftNAS, an APN Advanced Technology and […]
Read MoreHIPAA and HITRUST on AWS
The reasons customers continue choosing the AWS Cloud are many: agility, security, control, and cost are just some we hear from customers large and small. The reasons healthcare organizations are choosing the AWS Cloud are no different and, since launching our Business Associate Addendum in 2013, security and control have been at the top of […]
Read MoreGxP on AWS
By Chris Whalley. Chris is a Security Assurance TPM at AWS. GxP (Good [anything] Practices) is an acronym that refers to the regulations and guidelines applicable to life sciences organizations that make food and medical products such as drugs, medical devices, and medical software applications. The term GxP encompasses a broad range of compliance-related activities […]
Read More