Tag: AWS Security Token Service

With AWS Identity and Access Management (IAM), AWS provides a central way to manage user identities and permissions. However, creating and managing the lifecycle of IAM users in AWS can be time-consuming. This post explores how to authenticate users against Azure AD for access to one or multiple AWS accounts using SAML federation. Additionally, it includes a walkthrough on how to setup the federation across Azure AD and multiple AWS accounts.

When it debuted 10 years ago, AWS Identity and Access Management (IAM) supported15 services. Today, it’s woven into the core of everything in the AWS Cloud. Check out the fourth and final blog post celebrating IAM‘s 10th anniversary. Dive deep on the Service Authorization Reference, a comprehensive list of all the permissions in AWS, and explore the AWS CloudTrail userIdentity element that keeps track of who did what.

As part of adopting a multi-tenant SaaS model, a key challenge is how to provide strong tenant isolation in a cost effective and scalable manner. Being able to effectively isolate your tenants is an important part of a multi-tenant system. Learn how dynamic policy generation gets applied as part of the overall isolation story of your SaaS solution, and follow along with AWS reference implementation to demonstrate how to use dynamically generated policies in code.