AWS Compute Blog
Category: Security, Identity, & Compliance
Enabling Microsoft Defender Credential Guard on Amazon EC2
This blog post is written by Jason Nicholls, Principal Solutions Architect AWS. In this post we show you how to enable Windows Defender Credential Guard (Credential Guard) on Amazon Elastic Compute Cloud (Amazon EC2) running Microsoft Windows Server. Credential Guard, when enabled on Amazon EC2 Windows Instances protects sensitive user login information from being extracted […]
Securing Lambda Function URLs using Amazon Cognito, Amazon CloudFront and AWS WAF
This post is written by Madhu Singh (Solutions Architect), and Krupanidhi Jay (Solutions Architect). Lambda function URLs is a dedicated HTTPs endpoint for a AWS Lambda function. You can configure a function URL to have two methods of authentication: IAM and NONE. IAM authentication means that you are restricting access to the function URL (and […]
Running AI-ML Object Detection Model to Process Confidential Data using Nitro Enclaves
This blog post was written by, Antoine Awad, Solutions Architect, Kevin Taylor, Senior Solutions Architect and Joel Desaulniers, Senior Solutions Architect. Machine Learning (ML) models are used for inferencing of highly sensitive data in many industries such as government, healthcare, financial, and pharmaceutical. These industries require tools and services that protect their data in transit, […]
Simplifying serverless permissions with AWS SAM Connectors
This post written by Kurt Tometich, Senior Solutions Architect, AWS. Developers have been using the AWS Serverless Application Model (AWS SAM) to streamline the development of serverless applications with AWS since late 2018. Besides making it easier to create, build, test, and deploy serverless applications, AWS SAM now further simplifies permission management between serverless components […]
Lifting and shifting a web application to AWS Serverless: Part 2
In this two-part article, you learn if it is possible to migrate a non-serverless web application to a serverless environment without changing much code. You learn different tools that can help you in this process, like AWS Lambda Web Adaptor and AWS Amplify, and how to solve some of the typical challenges that we have, like storage and authentication.
Lifting and shifting a web application to AWS Serverless: Part 1
In this article, you learn if it is possible to migrate a non-serverless web application to a serverless environment without changing much code. You learn different tools that can help you in this process, like the AWS Lambda Web Adaptor and AWS Amplify.
Building AWS Lambda governance and guardrails
When building serverless applications using AWS Lambda, there are a number of considerations regarding security, governance, and compliance. This post highlights how Lambda, as a serverless service, simplifies cloud security and compliance so you can concentrate on your business logic. It covers controls that you can implement for your Lambda workloads to ensure that your […]
Securely retrieving secrets with AWS Lambda
AWS Lambda functions often need to access secrets, such as certificates, API keys, or database passwords. Storing secrets outside the function code in an external secrets manager helps to avoid exposing secrets in application source code. Using a secrets manager also allows you to audit and control access, and can help with secret rotation. Do […]
Scaling AWS Lambda permissions with Attribute-Based Access Control (ABAC)
This blog post is written by Chris McPeek, Principal Solutions Architect. AWS Lambda now supports attribute-based access control (ABAC), allowing you to control access to Lambda functions within AWS Identity and Access Management (IAM) using tags. With ABAC, you can scale an access control strategy by setting granular permissions with tags without requiring permissions updates […]
How to re-platform and modernize Java web applications on AWS
This post is written by: Bill Chan, Enterprise Solutions Architect According to a report from Grand View Research, “the global application server market size was valued at USD 15.84 billion in 2020 and is expected to expand at a compound annual growth rate (CAGR) of 13.2% from 2021 to 2028.” The report also suggests that […]