AWS Partner Network (APN) Blog

Category: AWS Identity and Access Management (IAM)

PwC-AWS-Partners

Approaching Least Privilege – IAM Policies with Usage-Based Analytics

AWS customers are increasingly searching for new ways to manage access in a scalable way that maintains the benefits of an agile DevOps delivery model. However, the traditional and highly-manual processes for assessing and certifying access quickly demonstrates they cannot keep up with the speed of DevOps changes. Learn how PwC designs and implements baseline IAM roles for customers while leveraging usage-based analytics to identify overprivileged roles.

Read More
ClearDATA-AWS-Partners

How ClearDATA Enforces Data Locality with AWS IAM Permission Boundaries

For healthcare organizations bound by regulations that require privacy, security, and compliance protections for sensitive healthcare data, ClearDATA provides the peace of mind of automation-forward technology and industry-leading, HITRUST-certified, healthcare-exclusive expertise. Learn how ClearDATA Comply uses the IAM permission boundary feature to automate restricting access to specific AWS regions.

Read More
AWS-SaaS-Factory-1

Isolating SaaS Tenants with Dynamically Generated IAM Policies

Many SaaS organizations leverage AWS Identity and Access Management (IAM) to define a series of policies and roles that can be used to ensure tenants are not allowed to cross tenant boundaries when accessing resources. To make this work, you have to create separate policies for each tenant which can create an explosion of tenant policies that push the account limits of IAM. Learn how dynamic policy generation creates a more scalable and manageable isolation experience.

Read More

Easily Delegate Responsibilities Using AWS Permissions Boundaries and cloudtamer.io

Permissions boundaries allow admins to delegate permissions to users so they can create new AWS service roles without elevating their own permissions. This removes the need for admins to field requests for these role creations and promotes self-service for users. The ultimate goal is to remove blockers for enhanced productivity. Learn how to pair permissions boundaries with cloudtamer.io for increased automation and delegation.

Read More
Ping Identity_AWS Solutions

Simplifying Fine-Grained Access to AWS Resources with Ping Identity

With the recent launch of AWS Identity and Access Management (IAM) session tags, customers can simplify fine-grained access to Amazon Web Services (AWS) resources by using attributes from their own corporate directories in permissions rules. Enterprise customers frequently manage their workforce identities (the “who”) using an identity provider (IdP) such as PingFederate or PingOne for Enterprise by Ping Identity.

Read More

How an investment firm collaborated with HashiCorp and AWS to enhance their secrets management

Bridgewater Associates, based in Westport, CT, is a major investment management firm with more than $150 billion in assets that it manages for a global customer base of pension funds, endowments, foundations, central banks, and national governments. It is also an Amazon Web Services (AWS) customer that we’ve worked closely with over the past year […]

Read More