AWS Compute Blog

Tag: IAM

Create and attach HTTP API authorizer

Introducing IAM and Lambda authorizers for Amazon API Gateway HTTP APIs

Amazon API Gateway HTTP APIs enable you to create RESTful APIs with lower latency and lower cost than API Gateway REST APIs. The API Gateway team is continuing work to improve and migrate popular REST API features to HTTP APIs. We are adding two of the most requested features, AWS Identity and Access Management (IAM) […]

Read More
AWS Lambda service VPC with VPC-to-VPT NAT to customer VPC

Using AWS Lambda IAM condition keys for VPC settings

You can now control the Amazon Virtual Private Cloud (VPC) settings for your AWS Lambda functions using AWS Identity and Access Management (IAM) condition keys. IAM condition keys enable you to further refine the conditions under which an IAM policy statement applies. You can use the new condition keys in IAM policies when granting permissions […]

Read More
View API Gateway Method Request using Amazon Cognito authorization

Building well-architected serverless applications: Controlling serverless API access – part 3

This series of blog posts uses the AWS Well-Architected Tool with the Serverless Lens to help customers build and operate applications using best practices. In each post, I address the nine serverless-specific questions identified by the Serverless Lens along with the recommended best practices. See the Introduction post for a table of contents and explanation of the example application. Security question […]

Read More
JSON web token decoded

Building well-architected serverless applications: Controlling serverless API access – part 2

This series of blog posts uses the AWS Well-Architected Tool with the Serverless Lens to help customers build and operate applications using best practices. In each post, I address the nine serverless-specific questions identified by the Serverless Lens along with the recommended best practices. See the Introduction post for a table of contents and explanation of the example application. Security question […]

Read More
Lambda authorizers

Building well-architected serverless applications: Controlling serverless API access – part 1

This series of blog posts uses the AWS Well-Architected Tool with the Serverless Lens to help customers build and operate applications using best practices. In each post, I address the nine serverless-specific questions identified by the Serverless Lens along with the recommended best practices. See the Introduction post for a table of contents and explanation of the example application. Security question […]

Read More

Control access to your APIs using Amazon API Gateway resource policies

This post courtesy of Tapodipta Ghosh, AWS Solutions Architect Amazon API Gateway provides you with a simple, flexible, secure, and fully managed service that lets you focus on building core business services. API Gateway supports multiple mechanisms of access control using AWS Identity and Access Management (IAM), AWS Lambda authorizers, and Amazon Cognito. You may […]

Read More

Sharing Secrets with AWS Lambda Using AWS Systems Manager Parameter Store

This post courtesy of Roberto Iturralde, Sr. Application Developer- AWS Professional Services Application architects are faced with key decisions throughout the process of designing and implementing their systems. One decision common to nearly all solutions is how to manage the storage and access rights of application configuration. Shared configuration should be stored centrally and securely with […]

Read More

Automate Your IT Operations Using AWS Step Functions and Amazon CloudWatch Events

Rob Percival, Associate Solutions Architect Are you interested in reducing the operational overhead of your AWS Cloud infrastructure? One way to achieve this is to automate the response to operational events for resources in your AWS account. Amazon CloudWatch Events provides a near real-time stream of system events that describe the changes and notifications for […]

Read More

Enabling Identity Federation with AD FS 3.0 and Amazon AppStream 2.0

Want to provide users with single sign-on access to AppStream 2.0 using existing enterprise credentials? Active Directory Federation Services (AD FS) 3.0 can be used to provide single sign-on for Amazon AppStream 2.0 using SAML 2.0. You can use your existing Active Directory or any SAML 2.0–compliant identity service to set up single sign-on access […]

Read More