AWS Architecture Blog

Category: Security, Identity, & Compliance

Mercado Libre logo

Mercado Libre: How to Block Malicious Traffic in a Dynamic Environment

Blog post contributors: Pablo Garbossa and Federico Alliani of Mercado Libre Introduction Mercado Libre (MELI) is the leading e-commerce and FinTech company in Latin America. We have a presence in 18 countries across Latin America, and our mission is to democratize commerce and payments to impact the development of the region. We manage an ecosystem […]

Read More
Maryville University

Architecting a Data Lake for Higher Education Student Analytics

One of the keys to identifying timely and impactful actions is having enough raw material to work with. However, this up-to-date information typically lives in the databases that sit behind several different applications. One of the first steps to finding data-driven insights is gathering that information into a single store that an analyst can use […]

Read More
Install OpenShift Container Platform 4

Architecture Patterns for Red Hat OpenShift on AWS

Editor’s note: Although this blog post and its accompanying code make use of the word “Master,” Red Hat is making open source code more inclusive by eradicating “problematic language.” Read more about this. Introduction Red Hat OpenShift is an application platform that provides customers with turnkey application platform that is much more than a simple […]

Read More

Field Notes: Building a Shared Account Structure Using AWS Organizations

For customers considering the AWS Solution Provider Program, there are challenges to mitigate when building a shared account model with SI partners. AWS Organizations make it possible to build the right account structure to support a resale arrangement. In this engagement model, the end customer gets an AWS invoice from an AWS authorized partner instead […]

Read More
Figure 1 - Solution Overview

Field Notes: Integrating a Multi-Forest Source Environment with AWS SSO

During re:Invent 2019, AWS announced a new way to integrate external identity sources such as Azure Active Directory with auto provisioning of identities and groups in AWS Single Sign-On (AWS SSO). In March 2020, AWS SSO afforded customers the possibility to connect their Okta Identity Cloud to AWS Single Sign-On (SSO) in order to manage […]

Read More

Reduce Cost and Increase Security with Amazon VPC Endpoints

Introduction This blog explains the benefits of using Amazon VPC endpoints and highlights a self-paced workshop that will help you to learn more about them. Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you’ve defined. This virtual network resembles a traditional network that you’d operate in […]

Read More
Macie architecture

BBVA: Architecture for Large-Scale Macie Implementation

This post was co-written by Andrew Alaniz , Director of Technology Infrastructure, and Brady Pratt, Cloud Security Engineer, both at BBVA USA. Introduction Data Loss Prevention (DLP) is a common topic among companies that work with any type of sensitive data. One of the challenges is that many people either don’t fully understand what DLP […]

Read More
Cloud with lock on it

Architecting Secure Serverless Applications

Introduction Cloud security at AWS is our top priority, and we have a deep set of cloud security tools consisting of more than 200 security, compliance, and governance services and key features. It’s why a broad set of customers — from enterprises, to the public sector, to startups — continue to rely on the capabilities […]

Read More
Machine learning solution developed for customer

Building a Self-Service, Secure, & Continually Compliant Environment on AWS

Introduction If you’re an enterprise organization, especially in a highly regulated sector, you understand the struggle to innovate and drive change while maintaining your security and compliance posture. In particular, your banking customers’ expectations and needs are changing, and there is a broad move away from traditional branch and ATM-based services towards digital engagement. With […]

Read More
microservices deployed across multiple VPCs use privately exposed endpoints

Using VPC Sharing for a Cost-Effective Multi-Account Microservice Architecture

Introduction Many cloud-native organizations building modern applications have adopted a microservice architecture because of its flexibility, performance, and scalability. Even customers with legacy and monolithic application stacks are embarking on an application modernization journey and opting for this type of architecture. A microservice architecture allows applications to be composed of several loosely coupled discreet services […]

Read More