Tag: Identity and Access Management

AWS Config continuously monitors and records your AWS resource configurations, and allows you to automate the evaluation of recorded configurations against desired configurations. This post aims to assist you on deploying a set of custom AWS Config Rules that leverages third-party REST APIs to evaluate AWS resources in an automated fashion. The AWS Config evaluations represented in this guide show the reporting status of Amazon EC2 instances against TrendMicro and Qualys.

The Digital Workplace program at AWS identifies APN Partners and AWS solutions that can help you build a digital workplace. All the partners and AWS solutions that we showcase have passed a Technical Baseline Review with AWS, and some of our APN Partners have also created AWS Quick Starts. These accelerators that reduce hundreds of manual procedures into just a few steps, so you can build your production environment quickly and start using it immediately.

By hosting a Palo Alto Networks VM-Series firewall in an Amazon VPC, you can use AWS native cloud services—such as Amazon CloudWatch, Amazon Kinesis Data Streams, and AWS Lambda—to monitor your firewall for changes in configuration. This post explains why that’s desirable and walks you through the steps required to do it. You now have a way to monitor your Palo Alto Networks firewall that is very similar to how you monitor your AWS environment with AWS Config.

Customers want to use Teradata Vantage to analyze the data they have stored in Amazon S3, but the AWS service that prepares and loads data stored in S3 for analytics, AWS Glue, does not natively support Teradata Vantage. To use AWS Glue to prep and load data for analysis by Teradata Vantage, you need to rely on AWS Glue custom database connectors. Follow step-by-step instructions and learn how to set up Vantage and AWS Glue to perform Teradata-level analytics on the data you have stored in Amazon S3.

Terraform and AWS CloudFormation allow you to express infrastructure resources as code and manage them programmatically. Each has its advantages, but some enterprises already have expertise in Terraform and prefer using it to manage their AWS resources. To accommodate that preference, CloudFormation allows you to use non-AWS resources to manage AWS infrastructure. Learn the steps to create a CloudFormation registry resource type for Terraform and deploy it as an AWS Service Catalog product.

In order to deliver serverless applications, customers often turn to DevOps principles to efficiently build, deploy, operate, and iterate on features and changes. CI/CD is one of the major components of DevOps that helps deliver code faster and more reliably to production. GitLab’s continuous integration offering provides a rich set of features for automating how new code is incorporated into your software and how new versions of your software get built and deployed.

To fully leverage the versatility and scalability of containers, you need a monitoring solution capable of providing clarity into a highly dynamic environment comprising thousands (or even tens of thousands) of ephemeral containers. Learn how Datadog provides visibility into dynamic, ephemeral container workloads running on Amazon EKS, a service that makes it easy for you to run Kubernetes on AWS without needing to install and operate your own Kubernetes clusters.

End users can now configure AWS Single Sign-On (AWS SSO) to access Dynatrace with a single sign-on experience using the same credentials they use with their Amazon Web Services (AWS) account. AWS Single Sign-On provides administrators a simple way to assign users and groups access to AWS accounts, roles, and SAML-based applications. This eliminates the need for users to log in to Dynatrace separately.

AWS CloudHSM is a cloud-based hardware security module (HSM) that enables you to easily generate, store, import, export, and manage your cryptographic keys. This post walks through using AWS services to create a pipeline that sends HSM audit logs into Splunk. You’ll also learn how to interpret the audit events and gain specific data insights that enable you to flag critical events taking place on the CloudHSM appliance.

AWS Single Sign-On makes it easy to centrally manage SSO access to multiple AWS accounts and business applications. You can use AWS SSO to create and manage users centrally and grant access to AWS accounts and business applications, such as Databricks. Instead of having to sign in separately to Databricks Control Plane and other business applications, with this configuration enabled users can access Databricks with their corporate credentials using AWS SSO.