AWS Partner Network (APN) Blog
Category: Amazon Cognito
Tenant Switching and Custom Permissions in a Multi-Tenant Serverless Application
This post presents a cost-effective, serverless multi-tenant SaaS architecture utilizing AWS managed services. Users can belong to multiple tenants via Amazon Cognito user groups, and the solution enables seamless tenant switching and allows tenants to define custom roles with Amazon DynamoDB transactions. By leveraging AWS services, the architecture provides security, isolation, custom permissions, and flexibility to scale without operational overhead.
Integrating Amazon Cognito with 1Kosmos BlockID for Enhanced Security and User Experience
Multi-factor authentication (MFA) enhances security for web and mobile applications by requiring additional identification methods other than a password. Providing a frictionless user experience with MFA often requires a variety of authentication options that support a range of users and devices. Learn how 1Kosmos BlockID and Amazon Cognito can help to balance security with usability when building customer facing applications.
Authenticate Kubecost Users with Application Load Balancer and Amazon Cognito
Amazon EKS has a collaboration with Kubecost, a Kubernetes and cloud cost management tool that helps customers monitor, track, optimize, and govern their cloud and Kubernetes spending. Kubecost can be installed easily in a few minutes, but many customers are looking for a cloud-native way to expose Kubecost UI for their internal team to access the costs report. This post describes how to authenticate Kubecost users via Application Load Balancer and Amazon Cognito.
Simple and Flexible SaaS Entitlement Management with LaunchDarkly
Being able to support varying tenant configurations is a common requirement for SaaS providers. Learn how LaunchDarkly creates varied tenant experiences with entitlement flags and how to model entitlements as feature flags, targeted to tiers to give tenants access to specific features. We’ll also dive into ways you can use the LaunchDarkly feature for flagging deployments/releases, doing progressive rollouts, or running experimentation—all important release practices for SaaS providers.
Implementing a True Passwordless Authentication with Amazon Cognito and Transmit Security
Learn how AWS customers can use Amazon Cognito for their application authentication and leverage Transmit Security to provide end users with a passwordless authentication experience. Amazon Cognito lets you easily add user sign-up and authentication to your mobile and web apps. Transmit Security is an AWS Partner that provides advanced authentication and risk management solutions to the largest enterprises in the world.
How to Implement Object-Based Authorization in Serverless Applications Using Amazon Cognito
When building a complex web service such as a serverless application, sooner or later you must deal with permission control. Amazon Cognito is a powerful authentication and authorization service managed by AWS and is often combined with Amazon API Gateway and AWS Lambda to build secure serverless web services. Through the blueprint of an AWS Lambda authorizer, learn how to implement object-based authorization in serverless applications on AWS.
Use Amazon OpenSearch Service with Kibana for Identity Federation – Auth0
With the 2018 release of Amazon OpenSearch Service integration with Amazon Cognito, you can now enable corporate users to access OpenSearch with Kibana using your corporate directory credentials through identity federation. In this post, we share a step-by-step integration of Auth0 and Amazon Cognito. With Amazon Cognito User Pool, you can extend your directory so Auth0 users are able to log in to Kibana with the same security credentials.
Using Amazon OpenSearch Service with Kibana for Identity Federation – Active Directory
With the 2018 release of Amazon OpenSearch Service integration with Amazon Cognito, you can now enable corporate users to access OpenSearch with Kibana using your corporate directory credentials through identity federation. In this post, we share a step-by-step integration of Active Directory (AD) and Amazon Cognito. With Amazon Cognito User Pool, you can extend your directory so AD users are able to log in to Kibana with the same security credentials.
Managing SaaS Identity Through Custom Attributes and Amazon Cognito
Identity is a fundamental design decision that software as a service (SaaS) architects must consider when developing a multi-tenant system. Developers who are building SaaS applications must be able to identify a user, the tenant associated with the user, the user’s permissions, and the relationship a tenant has with the provider, such as usage plan or tier. In this post for SaaS Technology Partners, I will explore how to architect a multi-tenant system and identify tenant context and role using Amazon Cognito.