AWS Compute Blog
Tag: IAM
Introducing IAM and Lambda authorizers for Amazon API Gateway HTTP APIs
Amazon API Gateway HTTP APIs enable you to create RESTful APIs with lower latency and lower cost than API Gateway REST APIs. The API Gateway team is continuing work to improve and migrate popular REST API features to HTTP APIs. We are adding two of the most requested features, AWS Identity and Access Management (IAM) […]
Using AWS Lambda IAM condition keys for VPC settings
You can now control the Amazon Virtual Private Cloud (VPC) settings for your AWS Lambda functions using AWS Identity and Access Management (IAM) condition keys. IAM condition keys enable you to further refine the conditions under which an IAM policy statement applies. You can use the new condition keys in IAM policies when granting permissions […]
Building well-architected serverless applications: Controlling serverless API access – part 3
This series of blog posts uses the AWS Well-Architected Tool with the Serverless Lens to help customers build and operate applications using best practices. In each post, I address the nine serverless-specific questions identified by the Serverless Lens along with the recommended best practices. See the Introduction post for a table of contents and explanation of the example application. Security question […]
Building well-architected serverless applications: Controlling serverless API access – part 2
This series of blog posts uses the AWS Well-Architected Tool with the Serverless Lens to help customers build and operate applications using best practices. In each post, I address the nine serverless-specific questions identified by the Serverless Lens along with the recommended best practices. See the Introduction post for a table of contents and explanation of the example application. Security question […]
Building well-architected serverless applications: Controlling serverless API access – part 1
This series of blog posts uses the AWS Well-Architected Tool with the Serverless Lens to help customers build and operate applications using best practices. In each post, I address the nine serverless-specific questions identified by the Serverless Lens along with the recommended best practices. See the Introduction post for a table of contents and explanation of the example application. Security question […]
Control access to your APIs using Amazon API Gateway resource policies
This post courtesy of Tapodipta Ghosh, AWS Solutions Architect Amazon API Gateway provides you with a simple, flexible, secure, and fully managed service that lets you focus on building core business services. API Gateway supports multiple mechanisms of access control using AWS Identity and Access Management (IAM), AWS Lambda authorizers, and Amazon Cognito. You may […]
Sharing Secrets with AWS Lambda Using AWS Systems Manager Parameter Store
This post courtesy of Roberto Iturralde, Sr. Application Developer- AWS Professional Services Application architects are faced with key decisions throughout the process of designing and implementing their systems. One decision common to nearly all solutions is how to manage the storage and access rights of application configuration. Shared configuration should be stored centrally and securely with […]
Automate Your IT Operations Using AWS Step Functions and Amazon CloudWatch Events
Rob Percival, Associate Solutions Architect Are you interested in reducing the operational overhead of your AWS Cloud infrastructure? One way to achieve this is to automate the response to operational events for resources in your AWS account. Amazon CloudWatch Events provides a near real-time stream of system events that describe the changes and notifications for […]
Enabling Identity Federation with AD FS 3.0 and Amazon AppStream 2.0
Want to provide users with single sign-on access to AppStream 2.0 using existing enterprise credentials? Active Directory Federation Services (AD FS) 3.0 can be used to provide single sign-on for Amazon AppStream 2.0 using SAML 2.0. You can use your existing Active Directory or any SAML 2.0–compliant identity service to set up single sign-on access […]