AWS Partner Network (APN) Blog

Category: AWS Identity and Access Management (IAM)

Okta-APN-Blog-100422

Improve the Availability of Existing Okta IAM Federation Setup Using Multi-Region SAML Endpoints

Federation using SAML 2.0 enables customers to use their existing external IdP and avoid managing multiple sources of identities when accessing AWS accounts. This post builds on the recommendation of using regional SAML endpoints for failover by showing how you can configure Okta‘s federation with IAM to increase its availability. Learn how to configure Okta, an AWS Security Competency Partner, to utilize multiple regional AWS SAML sign-in endpoints that can be deployed at setup by the Okta admin.

SaaS-on-AWS-2

Implementing SaaS Tenant Isolation Using Amazon SageMaker Endpoints and IAM

As multi-tenant SaaS providers look to leverage machine learning services, they must consider how they’ll protect the data that flows in and out of these services from different tenants. Learn how tenant isolation of machine learning services can be achieved using AWS IAM, and how the integration between IAM, Amazon SageMaker, and many other AWS services provide developers with a rich set of mechanisms that can be applied to realize tenant isolation goals.

OneLogin-AWS-Partners

Simplifying Sign-In for AWS Managed Services with OneLogin, AWS Single Sign-On, and AWS IAM

OneLogin, an AWS Security Competency Partner, provides an identity platform for secure, scalable, and smart experiences that connects people to technology. Learn about all of the integrations available between OneLogin and AWS. Through these integrations, OneLogin enables you to seamlessly authenticate into AWS managed services across various domains, including analytics, compute, serverless, security, management and governance, and more.

Top Recommendations for Working with IAM from Our AWS Heroes – Part 4: Available Permissions and User Identity

When it debuted 10 years ago, AWS Identity and Access Management (IAM) supported15 services. Today, it’s woven into the core of everything in the AWS Cloud. Check out the fourth and final blog post celebrating IAM‘s 10th anniversary. Dive deep on the Service Authorization Reference, a comprehensive list of all the permissions in AWS, and explore the AWS CloudTrail userIdentity element that keeps track of who did what.

Top Recommendations for Working with IAM from Our AWS Heroes – Part 3: Permissions Boundaries and Conditions

This is our third blog post celebrating AWS Identity and Access Management (IAM)‘s 10th anniversary. Explore two powerful ways that you can limit access to AWS by setting the boundaries and conditionally provide access to resources in IAM policies. Permissions boundaries can be used for situations like granting someone limited permissions management abilities, while conditions enable you to specify when a policy statement is enforced.

Contino-AWS-Partners

Using AWS CloudFormation Modules to Improve Enterprise Security

Dive deep on AWS Identity and Access Management (IAM) permissions and how the principle of least privilege can be best achieved when using AWS CloudFormation, and more specifically CloudFormation Modules, to provision resources on AWS. CloudFormation Modules are a way to package resource configurations for inclusion across stack templates, in a transparent, manageable, and repeatable way.

Top Recommendations for IAM from Our AWS Heroes – Part 2: The Visual Editor and Federation

AWS Identity and Access Management (IAM)‘s 10th anniversary continues with Part 2 of our blog series. Writing an IAM policy can be tricky, but don’t feel overwhelmed. Learn how the IAM visual editor helps you create policies by providing helpful documentation and the correct syntax. You’ll also learn why you should use federation due to the short-term credentials made possible by IAM roles. More tips like these can be found throughout our 4-part blog series.

IAM 10th Anniversary: Top Recommendations for Working with IAM from Our AWS Heroes – Part 1

This year marks the 10th anniversary of AWS Identity and Access Management (IAM), which is essential in securing your applications and your AWS environment as a whole. To help you get the most out of this critical AWS service, we are excited to share a blog series featuring top recommendations for using IAM from AWS Heroes and APN Ambassadors, who will share recommendations which are driven from personal experiences using a service that’s foundational for the security of AWS customers.

PwC-AWS-Partners

Approaching Least Privilege – IAM Policies with Usage-Based Analytics

AWS customers are increasingly searching for new ways to manage access in a scalable way that maintains the benefits of an agile DevOps delivery model. However, the traditional and highly-manual processes for assessing and certifying access quickly demonstrates they cannot keep up with the speed of DevOps changes. Learn how PwC designs and implements baseline IAM roles for customers while leveraging usage-based analytics to identify overprivileged roles.

ClearDATA-AWS-Partners

How ClearDATA Enforces Data Locality with AWS IAM Permission Boundaries

For healthcare organizations bound by regulations that require privacy, security, and compliance protections for sensitive healthcare data, ClearDATA provides the peace of mind of automation-forward technology and industry-leading, HITRUST-certified, healthcare-exclusive expertise. Learn how ClearDATA Comply uses the IAM permission boundary feature to automate restricting access to specific AWS regions.