AWS Partner Network (APN) Blog

Category: Security, Identity, & Compliance*

AWS Migration

Enterprises Are Migrating to AWS with Confidence with Cloud-Native Visibility

As the move towards cloud accelerates, unsubstantiated fears about security are inhibiting the use of cloud services by some enterprises. A vital element of a successful cloud migration is understanding shared responsibilities between the organization and cloud service provider. Ixia’s CloudLens has a serverless architecture that scales with distributed software systems built for cloud scale, which delivers intelligent, resilient, and proactive cloud visibility.

Read More
VMware Cloud on AWS

Securing Workloads on VMware Cloud on AWS Using Native AWS Services

With the recent launch of VMware Cloud on AWS, you can now run workloads on VMware-managed SDDC clusters installed on special bare metal hardware provided by Amazon Amazon EC2 services. This post describes a solution for securing workloads on VMware Cloud on AWS that we demonstrated at VMworld 2017. VMware workloads that run in the SDDC cluster can leverage different levels of AWS network and application protection capabilities with minimum to no changes to their application settings.

Read More
Mobile Sign Ups_border

Managing SaaS Identity Through Custom Attributes and Amazon Cognito

Identity is a fundamental design decision that software as a service (SaaS) architects must consider when developing a multi-tenant system. Developers who are building SaaS applications must be able to identify a user, the tenant associated with the user, the user’s permissions, and the relationship a tenant has with the provider, such as usage plan or tier. In this post for SaaS Technology Partners, I will explore how to architect a multi-tenant system and identify tenant context and role using Amazon Cognito.

Read More
AWS Security

Next-Gen Managed Services Security: Social Engineering

APN Partners new to managed services often have questions about how to protect their customers from social engineering attacks and how to best test themselves to meet APN Program requirements. In the same way a traditional MSP is responsible for the physical security of your datacenter, a next-gen MSP is a customer’s trusted resource for helping maintain their portion of the Shared Responsibility Model. Instead of physical keys, the MSP is their customer’s gatekeepers into the cloud.

Read More

How an investment firm collaborated with HashiCorp and AWS to enhance their secrets management

Bridgewater Associates, based in Westport, CT, is a major investment management firm with more than $150 billion in assets that it manages for a global customer base of pension funds, endowments, foundations, central banks, and national governments. It is also an Amazon Web Services (AWS) customer that we’ve worked closely with over the past year […]

Read More

Wrap Up: Cross-Account Role Onboarding Workflow

By Ian Scofield. Ian is a Partner Solutions Architect (SA) at AWS.  Over the course of three blog posts (Parts 1, 2, and 3), we’ve been discussing a new way for APN Partners to onboard customers, focusing on the creation of cross-account roles.  Throughout this series, we’ve proposed the usage of AWS CloudFormation for the […]

Read More

Collecting Information from AWS CloudFormation Resources Created in External Accounts with Custom Resources

By Erin McGill. Erin is a Partner Solutions Architect (SA) at AWS.  Throughout this series, we’ve talked about easing cross-account role creation with AWS CloudFormation and a custom stack URL.  We’ve also discussed how to dynamically generate CloudFormation templates to populate a unique external ID. But once your cross-account role is created, how does the […]

Read More

Announcing the Security Competency for APN Consulting Partners

Recognizing APN Consulting Partners who provide deep technical and consulting expertise helping enterprises adopt, develop, and deploy complex security projects. Security is the top priority at AWS. Under the AWS shared responsibility model, AWS provides a global secure infrastructure and foundation compute, storage, networking and database services, as well as higher level services. While AWS […]

Read More

Generating Custom AWS CloudFormation Templates with Lambda to Create Cross-Account Roles

Ian Scofield is a Partner Solutions Architect (SA) at AWS.  In a previous post in our series, we showed how to use an AWS CloudFormation launch stack URL to help customers create a cross-account role in their AWS account. As mentioned in an earlier APN Blog post, a cross-account role is the recommended method to […]

Read More

Shift Security Left through DevSecOps

Fusing application development with integrated, automated security processes By Christian Lachaux, AABG Security Lead, Accenture; Federico Tandeter, Cloud Security Offering Development Lead, Accenture. Accenture is a Premier APN Consulting Partner and AWS MSP who holds a number of AWS Competencies, including Migration. Development+Security+Operations, better known as DevSecOps, is revolutionizing application development by integrating automated security […]

Read More