Category: Security, Identity, & Compliance

Since AWS has announced that all our services comply with the General Data Protection Regulation (GDPR), we wanted to explore some of the ways AWS can help you on your road to compliance. In this post, we walk through the support AWS offers across the APN as well as the AWS Premium Support and AWS Professional Services organizations. We explain how these teams are working with customers and APN Partners in Europe and around the world to support them with questions related to GDPR and AWS.

Data security is a concern for all enterprises and HashiCorp’s Vault Enterprise helps you achieve strong data security and scalability. Vault is a trusted secrets management tool designed to enable collaboration and governance across organizations. It enables developers, operators, and security professionals to deploy applications in zero-trust environments across public and private datacenters. Through a unified API and AWS integration, Vault can be integrated into your development at any stage.

AWS Solution Space allows AWS Competency Partners to showcase customer-ready solutions based on architectures validated by AWS. These are quick, cost effective, repeatable solutions meant to create new business leading to production workloads. Customers can also request AWS support for launching each solution. At launch, we are featuring 10 customer-ready solutions: 5 for Big Data, 3 for Machine Learning, one for Security, and one for End User Computing.

Cadence Design Systems, Inc. selected Dome9 Security, an APN Advanced Technology Partner, to provide network security management and automated compliance. The Dome9 Arc platform has a deep visualization tool, Dome9 Clarity, which provides a granular view of customers’ AWS Cloud assets. Dome9’s efforts provide Cadence with many benefits, including lower costs and accelerated time-to-market for products.

With the recent launch of VMware Cloud on AWS, you can now run workloads on VMware-managed SDDC clusters installed on special bare metal hardware provided by Amazon Amazon EC2 services. This post describes a solution for securing workloads on VMware Cloud on AWS that we demonstrated at VMworld 2017. VMware workloads that run in the SDDC cluster can leverage different levels of AWS network and application protection capabilities with minimum to no changes to their application settings.

Identity is a fundamental design decision that software as a service (SaaS) architects must consider when developing a multi-tenant system. Developers who are building SaaS applications must be able to identify a user, the tenant associated with the user, the user’s permissions, and the relationship a tenant has with the provider, such as usage plan or tier. In this post for SaaS Technology Partners, I will explore how to architect a multi-tenant system and identify tenant context and role using Amazon Cognito.

APN Partners new to managed services often have questions about how to protect their customers from social engineering attacks and how to best test themselves to meet APN Program requirements. In the same way a traditional MSP is responsible for the physical security of your datacenter, a next-gen MSP is a customer’s trusted resource for helping maintain their portion of the Shared Responsibility Model. Instead of physical keys, the MSP is their customer’s gatekeepers into the cloud.

Bridgewater Associates, based in Westport, CT, is a major investment management firm with more than $150 billion in assets that it manages for a global customer base of pension funds, endowments, foundations, central banks, and national governments. It is also an Amazon Web Services (AWS) customer that we’ve worked closely with over the past year […]

By Ian Scofield. Ian is a Partner Solutions Architect (SA) at AWS.  Over the course of three blog posts (Parts 1, 2, and 3), we’ve been discussing a new way for APN Partners to onboard customers, focusing on the creation of cross-account roles.  Throughout this series, we’ve proposed the usage of AWS CloudFormation for the […]

By Erin McGill. Erin is a Partner Solutions Architect (SA) at AWS.  Throughout this series, we’ve talked about easing cross-account role creation with AWS CloudFormation and a custom stack URL.  We’ve also discussed how to dynamically generate CloudFormation templates to populate a unique external ID. But once your cross-account role is created, how does the […]