AWS Partner Network (APN) Blog

Category: AWS Identity and Access Management (IAM)

How ClearDATA Enforces Data Locality with AWS IAM Permission Boundaries

For healthcare organizations bound by regulations that require privacy, security, and compliance protections for sensitive healthcare data, ClearDATA provides the peace of mind of automation-forward technology and industry-leading, HITRUST-certified, healthcare-exclusive expertise. Learn how ClearDATA Comply uses the IAM permission boundary feature to automate restricting access to specific AWS regions.

Isolating SaaS Tenants with Dynamically Generated IAM Policies

Many SaaS organizations leverage AWS Identity and Access Management (IAM) to define a series of policies and roles that can be used to ensure tenants are not allowed to cross tenant boundaries when accessing resources. To make this work, you have to create separate policies for each tenant, which can create an explosion of tenant policies that pushes the account limits of IAM. Learn how dynamic policy generation creates a more scalable and manageable isolation experience.

Easily Delegate Responsibilities Using AWS Permissions Boundaries and Kion

Permissions boundaries allow admins to delegate permissions to users so they can create new AWS service roles without elevating their own permissions. This removes the need for admins to field requests for these role creations and promotes self-service for users. The ultimate goal is to remove blockers for enhanced productivity. Learn how to pair permissions boundaries with Kion for increased automation and delegation.

Simplifying Fine-Grained Access to AWS Resources with Ping Identity

With the recent launch of AWS Identity and Access Management (IAM) session tags, customers can simplify fine-grained access to Amazon Web Services (AWS) resources by using attributes from their own corporate directories in permissions rules. Enterprise customers frequently manage their workforce identities (the “who”) using an identity provider (IdP) such as PingFederate or PingOne for Enterprise by Ping Identity.

How an investment firm collaborated with HashiCorp and AWS to enhance their secrets management

Bridgewater Associates, based in Westport, CT, is a major investment management firm with more than $150 billion in assets that it manages for a global customer base of pension funds, endowments, foundations, central banks, and national governments. It is also an Amazon Web Services (AWS) customer that we’ve worked closely with over the past year […]

Easing the Creation of Cross-Account Roles for Customers

By Erin McGill, Partner Solutions Architect – AWS

AWS Partners frequently ask me about the most secure way to access resources in a customer account. While this is possible using keys, they are secrets that are hard to manage and rotate and, ideally, should never be shared. We recommend that AWS Partners use a more secure method: […]