AWS Partner Network (APN) Blog
Tag: Identity and Access Management
How T-Systems Enabled AWS Config at Scale for Deutsche Telekom IT’s Landing Zone
Learn how T-Systems has enabled AWS Config at scale on Deutsche Telekom IT’s AWS landing zone, which is a brownfield environment with more than 600 AWS accounts. AWS Config is a governance and compliance service that enables you to assess, audit, and evaluate the configurations of your resources. The main motivator for Deutsche Telekom IT using AWS Config is that developing compliance checks using custom tools was time consuming, unscalable, and came with a large operational overhead.
How to Use a CIS Hardened Image to Set Up an Amazon EC2 Mac Instance
Learn how to set up an Amazon EC2 Mac instance with a hardened image provided by the Center for Internet Security (CIS). This will help you to mitigate common threats like malware, denial of service, insufficient authorization, and overlapping trust boundary threats. CIS is an AWS Partner and community-driven nonprofit that aims to make the connected world a safer place for people, businesses, and governments.
Create AWS Accounts and Align to the CIS AWS Foundations Benchmark with Stax
Learn how the CIS AWS Foundations Benchmark helps organizations operate securely whilst examining the common challenges businesses face in its implementation. Stax can offer a solution to speed up AWS account creation while adhering to the CIS AWS Foundations Benchmark. Creating and configuring AWS accounts securely can be a time-consuming and tedious exercise. Competing priorities can result in rushed or inconsistent process, impacting security, agility, and velocity.
Partitioning and Isolating Multi-Tenant SaaS Data with Amazon S3
Many SaaS applications store multi-tenant data with Amazon S3. Learn about the various strategies that can be applied when partitioning tenant data with S3, and explore the considerations that may influence how and when you apply these mechanisms in your own solution. See how this influences tenant isolation and the accessibility of S3 objects, and dive deep on tenant activity and cost tracking, lifecycle management for objects, and additional bucket security configurations.
Securely Querying Your Data Lake with Ahana Presto and AWS Lake Formation
Ahana provides a fully managed and easy-to-use service for running Presto on AWS, and customers like Metropolis use Ahana to query data in their Amazon S3-based data lake for business intelligence, ad-hoc analytics, and reporting. Learn how Metropolis uses AWS Lake Formation and Ahana to build a data lake that allows their analysts and data scientists to develop a simple, hands-free parking experience for their customers.
Implementing Data Mesh Using LTI’s Canvas Scarlet Framework on AWS
As data grows at an exponential rate both in volume and velocity, it becomes important for organizations to carve out a strategy to store data in appropriate locations with the correct safeguards to address data access and privacy concerns. Learn how organizations can transform their data landscape into a more controlled, flexible, and secure landscape using LTI’s Canvas Scarlet Data Mesh framework built on AWS to meet the data challenges an organization faces today.
Integrating the Braze Customer Engagement Platform into Your Hotel Booking Engine
By powering personalized, relevant, and timely digital interactions built on guest behavior data, Braze can help AWS lodging customers generate additional revenue and engage guests for the long run using personalization. Learn how a hotel customer can rapidly and simply transform their web booking engine into a digital user engagement solution offering a personalized booking experience including upsell capabilities.
Hybrid Container Application Stack Using Microservices and Amazon ECS Anywhere
Learn how DXC Technology was able to leverage Amazon ECS Anywhere to fulfill regulatory and compute requirements and increase operational efficiency for a use case for an in-house proprietary tool where a part of the application stack must run on premises. DXC needed a hybrid cloud solution to execute their toolkit data capture and analysis strategy without major changes in application design or architecture.
SaaS Identity and Routing with Istio Service Mesh and Amazon EKS
Many SaaS providers are leveraging Amazon EKS to build their solutions on AWS, as EKS provides builders with a range of different constructs that can be used to implement multi-tenant strategies. In this post, explore an architecture based on EKS that demonstrates a siloed SaaS deployment model, using Istio Service Mesh to manage request authentication and per-tenant routing. Istio is an open-source service mesh that many SaaS providers use for deploying their multi-tenant applications.
Using Amazon Comprehend Medical with the Snowflake Data Cloud
Healthcare customers use Snowflake to store all types of clinical data in a single source of truth. One method for gaining insights from this data is to use Amazon Comprehend Medical, which is a HIPAA-eligible natural language processing service that uses machine learning to extract health data from medical text. Learn how the Snowflake Data Cloud allows healthcare and life sciences organizations to centralize data in a single and secure location.