Tag: Security

MongoDB Atlas is the global cloud database service for modern applications, and in this post learn how to configure MongoDB Atlas to authenticate using AWS Single Sign-On (AWS SSO). Instead of having to sign in separately to MongoDB Atlas Control Plane, with this configuration enabled users can access the MongoDB Atlas user interface with their corporate credentials using AWS SSO. This delivers a better user experience without the need for managing separate sets of credentials.

Virtusa recently received a requirement to make an application programming interface (API) accessible across another AWS account. The API was an internal-only API hosted in a private subnet, and could be accessed only from within the network. The requirement also stipulated Virtusa make only a few read-only (Get) methods accessible, and not all the methods from the API. Learn how Virtusa addressed the customer’s challenge by designing a solution that uses Amazon API Gateway with IAM authentication.

As part of adopting a multi-tenant SaaS model, a key challenge is how to provide strong tenant isolation in a cost effective and scalable manner. Being able to effectively isolate your tenants is an important part of a multi-tenant system. Learn how dynamic policy generation gets applied as part of the overall isolation story of your SaaS solution, and follow along with AWS reference implementation to demonstrate how to use dynamically generated policies in code.

In addition to delivering value-adding products and services, next-gen MSPs are increasingly expected to provide validation that they can meet all of your cloud needs. For AWS Managed Service Providers, learn how using CloudHealth by VMware can help you meet many of the requirements to become an AWS MSP Partner. CloudHealth makes it possible for enterprises to control and analyze the costs, compliance, and performance of their computing environments.

Automation and integration are critical to producing applications with fewer flaws at a speed that won’t slow developers down. However, this is only possible with a well-planned DevSecOps program and the right tools embedded into your software development lifecycle. Dig into the importance of the digital shift and how you can implement DevSecOps into existing workflows with the combined control of Veracode’s scanning tools and AWS integrations.

We are excited to highlight 129 AWS Partners that received new designations in December for our global AWS Competency, AWS Managed Service Provider (MSP), AWS Service Delivery, and AWS Service Ready programs. These designations span workload, solution, and industry, and help AWS customers identify top AWS Partners that can deliver on core business objectives. AWS Partners are focused on your success, helping customers take full advantage of the business benefits AWS has to offer.

A pair of leading Kubernetes-native network security solutions, Calico and Calico Enterprise are both now available as AWS Quick Starts. Everything you need to leverage Calico and Calico Enterprise is installed and configured in your Amazon EKS cluster. This enables you to take advantage of the full set of Kubernetes security, observability, and networking features, including Calico’s flexible IP address management capabilities.

Many enterprise customers improve project security by segregating individual projects, or project environments like DEV or PROD, in separate AWS accounts. Mapping each project or project environment to a unique account provides a clear and easy way to maintain security boundaries and built-in cost accounting. Learn about EGlobalTech’s project-per-account model for accounts that enables users to seamlessly move between their AWS accounts and roles.

Baffle Data Protection Services (DPS) provides a data-centric protection layer allowing customers to tokenize, encrypt, and mask data in Amazon RDS at the column or row level, without any application code modifications while supporting a BYOK or HYOK model. Review the architecture for Baffle DPS, and walk through how to launch and test Baffle DPS from an AWS CloudFormation template with Amazon RDS databases to encrypt data at the column level.

AWS customers are increasingly searching for new ways to manage access in a scalable way that maintains the benefits of an agile DevOps delivery model. However, the traditional and highly-manual processes for assessing and certifying access quickly demonstrates they cannot keep up with the speed of DevOps changes. Learn how PwC designs and implements baseline IAM roles for customers while leveraging usage-based analytics to identify overprivileged roles.