AWS Partner Network (APN) Blog

Category: AWS Identity and Access Management (IAM)

Implementing SaaS Tenant Isolation Using Amazon SageMaker Endpoints and IAM

As multi-tenant SaaS providers look to leverage machine learning services, they must consider how they’ll protect the data that flows in and out of these services from different tenants. Learn how tenant isolation of machine learning services can be achieved using AWS IAM, and how the integration between IAM, Amazon SageMaker, and many other AWS services provides developers with a rich set of mechanisms that can be applied to realize tenant isolation goals.

Simplifying Sign-In for AWS Managed Services with OneLogin, AWS Single Sign-On, and AWS IAM

OneLogin, an AWS Security Competency Partner, provides an identity platform for secure, scalable, and smart experiences that connects people to technology. Learn about all of the integrations available between OneLogin and AWS. Through these integrations, OneLogin enables you to seamlessly authenticate into AWS managed services across various domains, including analytics, compute, serverless, security, management and governance, and more.

Top Recommendations for Working with IAM from Our AWS Heroes – Part 4: Available Permissions and User Identity

When it debuted 10 years ago, AWS Identity and Access Management (IAM) supported 15 services. Today, it’s woven into the core of everything in the AWS Cloud. Check out the fourth and final blog post celebrating IAM’s 10th anniversary. Dive deep on the Service Authorization Reference, a comprehensive list of all the permissions in AWS, and explore the AWS CloudTrail userIdentity element that keeps track of who did what.

Top Recommendations for Working with IAM from Our AWS Heroes – Part 3: Permissions Boundaries and Conditions

This is our third blog post celebrating AWS Identity and Access Management (IAM)’s 10th anniversary. Explore two powerful ways that you can limit access to AWS: setting boundaries and conditionally providing access to resources in IAM policies. Permissions boundaries can be used for situations like granting someone limited permissions management abilities, while conditions enable you to specify when a policy statement is enforced.

Using AWS CloudFormation Modules to Improve Enterprise Security

Dive deep on AWS Identity and Access Management (IAM) permissions and how the principle of least privilege can be best achieved when using AWS CloudFormation, and more specifically CloudFormation Modules, to provision resources on AWS. CloudFormation Modules are a way to package resource configurations for inclusion across stack templates, in a transparent, manageable, and repeatable way.

Top Recommendations for IAM from Our AWS Heroes – Part 2: The Visual Editor and Federation

AWS Identity and Access Management (IAM)’s 10th anniversary continues with Part 2 of our blog series. Writing an IAM policy can be tricky, but don’t feel overwhelmed. Learn how the IAM visual editor helps you create policies by providing helpful documentation and the correct syntax. You’ll also learn why you should use federation due to the short-term credentials made possible by IAM roles. More tips like these can be found throughout our 4-part blog series.

IAM 10th Anniversary: Top Recommendations for Working with IAM from Our AWS Heroes – Part 1

This year marks the 10th anniversary of AWS Identity and Access Management (IAM), which is essential in securing your applications and your AWS environment as a whole. To help you get the most out of this critical AWS service, we are excited to share a blog series featuring top recommendations for using IAM from AWS Heroes and APN Ambassadors, drawn from their personal experiences using a service that’s foundational for the security of AWS customers.

Approaching Least Privilege – IAM Policies with Usage-Based Analytics

AWS customers are increasingly searching for new ways to manage access in a scalable way that maintains the benefits of an agile DevOps delivery model. However, the traditional and highly manual processes for assessing and certifying access quickly demonstrate that they cannot keep up with the speed of DevOps changes. Learn how PwC designs and implements baseline IAM roles for customers while leveraging usage-based analytics to identify overprivileged roles.

How ClearDATA Enforces Data Locality with AWS IAM Permission Boundaries

For healthcare organizations bound by regulations that require privacy, security, and compliance protections for sensitive healthcare data, ClearDATA provides the peace of mind of automation-forward technology and industry-leading, HITRUST-certified, healthcare-exclusive expertise. Learn how ClearDATA Comply uses the IAM permission boundary feature to automate restricting access to specific AWS regions.

Isolating SaaS Tenants with Dynamically Generated IAM Policies

Many SaaS organizations leverage AWS Identity and Access Management (IAM) to define a series of policies and roles that can be used to ensure tenants are not allowed to cross tenant boundaries when accessing resources. To make this work, you have to create separate policies for each tenant, which can create an explosion of tenant policies that push the account limits of IAM. Learn how dynamic policy generation creates a more scalable and manageable isolation experience.
