Tag: AWS IAM

Bottlerocket is an open source Linux-based OS purpose-built for hosting containers, and APN Partners and AWS customers can quickly get up and running with Bottlerocket. Our goal is to continue to enhance the capabilities of our APN Partners by working together to incorporate it within their offerings and services, so that our mutual customers benefit from the reduced footprint, improved security, performance, and automation capabilities of the OS.

Leveraging cloud-based microservices is not a solution that works for everyone or every application, but it’s one more point in favor of transitioning legacy applications to microservices. If you’re already looking to re-architect, consider it an opportunity to spin out regulated data into separate containers. From there, it’s not much more effort to move those containers to AWS. Learn how AWS technologies can help organizations reduce their Payment Card Industry (PCI) compliance burden.

As organizations continue to build data lakes on AWS and adopt Amazon EMR, especially when consuming data at enterprise scale, it’s critical to govern your data lakes by establishing federated access and having fine-grained controls to access your data. Learn how to implement SAML-based authentication (AuthN) using Okta for Amazon EMR, querying data using Zeppelin notebooks, and applying column-level authorization (AuthZ) using AWS Lake Formation.

As you design, develop, and build SaaS solutions on AWS, you must think about how you want to partition the data that belongs to each of your customers (tenants). In this post, experts from AWS SaaS Factory focus on what it means to implement the pooled model with Amazon DynamoDB. We’ll outline basic strategies to partition and isolate data by tenant, and illustrate common techniques you can use to avoid the “hot” partition problem that’s often associated with partitioning tenant data in a pooled model.

Effective and economical use of data is critical to your success. As data volumes increase exponentially, managing and extracting value from data becomes increasingly difficult. By adopting best practices that Onica has developed over years of using Amazon Redshift, you can improve the performance of your AWS data warehouse implementation. Onica has completed multiple projects ranging from assessing the current state of an Amazon Redshift cluster to helping tune, optimize, and deploy new clusters.

Explore several common AWS services and architectural patterns used by SaaS vendors to interact with their customers’ cloud accounts. Examples of SaaS products requiring some level of account interaction often fall into the categories of logging and monitoring, security, compliance, data analytics, DevOps, workflow management, and resource optimization. SaaS products, such as the ones in these categories, regularly interact with resources in the subscribing customer’s AWS account.

AWS Config continuously monitors and records your AWS resource configurations, and allows you to automate the evaluation of recorded configurations against desired configurations. This post aims to assist you on deploying a set of custom AWS Config Rules that leverages third-party REST APIs to evaluate AWS resources in an automated fashion. The AWS Config evaluations represented in this guide show the reporting status of Amazon EC2 instances against TrendMicro and Qualys.

The Digital Workplace program at AWS identifies APN Partners and AWS solutions that can help you build a digital workplace. All the partners and AWS solutions that we showcase have passed a Technical Baseline Review with AWS, and some of our APN Partners have also created AWS Quick Starts. These accelerators that reduce hundreds of manual procedures into just a few steps, so you can build your production environment quickly and start using it immediately.

Next Caller uses machine learning on AWS to drive data analysis and the processing pipeline. Amazon SageMaker helps Next Caller understand call pathways through the telephone network, rendering analysis in approximately 125 milliseconds with the VeriCall analysis engine. VeriCall verifies that a phone call is coming from the physical device that owns the phone number, and flags spoofed calls and other suspicious interactions in real-time.

By hosting a Palo Alto Networks VM-Series firewall in an Amazon VPC, you can use AWS native cloud services—such as Amazon CloudWatch, Amazon Kinesis Data Streams, and AWS Lambda—to monitor your firewall for changes in configuration. This post explains why that’s desirable and walks you through the steps required to do it. You now have a way to monitor your Palo Alto Networks firewall that is very similar to how you monitor your AWS environment with AWS Config.