AWS Architecture Blog
Building SAML federation for Amazon OpenSearch Service with Ping Identity
Amazon OpenSearch Service is an open search and log analytics service, powered by the Apache Lucene search library. In this blog post, we provide step-by-step guidance for SP-initiated SSO by showing how to set up a trial Ping Identity account. We’ll show how to build users and groups within your organization’s directory and enable SSO […]
Seamlessly migrate on-premises legacy workloads using a strangler pattern
Replacing a complex workload can be a huge job. Sometimes you need to gradually migrate complex workloads but still keep parts of the on-premises system to handle features that haven’t been migrated yet. Gradually replacing specific functions with new applications and services is known as a “strangler pattern.” When you use a strangler pattern, monolithic […]
Building a serverless cloud-native EDI solution with AWS
Electronic data interchange (EDI) is a technology that exchanges information between organizations in a structured digital form based on regulated message formats and standards. EDI has been used in healthcare for decades on the payer side for determination of coverage and benefits verification. There are different standards for exchanging electronic business documents, like American National […]
Building SAML federation for Amazon OpenSearch Service with Auth0
Amazon OpenSearch Service is a fully managed, distributed, open search, and analytics service that is powered by the Apache Lucene search library. OpenSearch Service is used for real-time application monitoring, log analytics, and website search. It’s ideal for use cases that require fast access and response for large volumes of data. OpenSearch Dashboards is derived […]
Journey to Adopt Cloud-Native Architecture Series #5 – Enhancing Threat Detection, Data Protection, and Incident Response
In Part 4 of this series, Governing Security at Scale and IAM Baselining, we discussed building a multi-account strategy and improving access management and least privilege to prevent unwanted access and to enforce security controls. As a refresher from previous posts in this series, our example e-commerce company’s “Shoppers” application runs in the cloud. The company […]
Let’s Architect! Architecting microservices with containers
Microservices structure an application as a set of independently deployable services. They speed up software development and allow architects to quickly update systems to adhere to changing business requirements. According to best practices, the different services should be loosely coupled, organized around business capabilities, independently deployable, and owned by a single team. If applied correctly, […]
Selecting the appropriate discovery tool for your cloud migration
Cloud migrations invariably require the coordination of multiple stakeholders, such as business and technical teams, partners, and third-party providers. As a stakeholder, understanding your portfolio is crucial to determine which workloads to migrate, and their requirements and interdependencies. But manually gathering these insights can be a daunting task. You can inform your decision by provisioning […]
Improve workload sustainability with services and features from re:Invent 2021
At our recent annual AWS re:Invent 2021 conference, we had important announcements regarding sustainability, including the new Sustainability Pillar for AWS Well-Architected Framework and the AWS Customer Carbon Footprint Tool. In this blog post, I highlight services and features from these announcements to help you design and optimize your AWS workloads from a sustainability perspective. […]
How Net at Work built an email threat report system on AWS
Emails are often used as an entry point for malicious software like trojan horses, rootkits, or encryption-based ransomware. The NoSpamProxy offering developed by Net at Work tackles this threat, providing secure and confidential email communication. A subservice of NoSpamProxy called 32guards is responsible for threat reports of inbound and outbound emails. With the increasing number […]
Enriching Amazon Cognito features with an Amazon API Gateway proxy
This post was co-written with Geoff Baskwill, member of the Architecture Enabling Team at Trend Micro. At Trend Micro, we use AWS technologies to build secure solutions to help our customers improve their security posture. Sep 6 2022: Amazon Cognito user pools now support native integration with AWS Web Application Firewall (WAF), with this native […]