AWS Open Source Blog

Category: Security, Identity, & Compliance

Building a multi-tenant Kubeflow environment on Amazon EKS using Amazon Cognito and ADFS

The Kubeflow project is dedicated to making deployments of machine learning (ML) workflows on Kubernetes simple, portable, and scalable. The project’s goal is not to recreate other services, but to provide a straightforward way to deploy best-of-breed open source systems for ML to diverse infrastructures. Many of our enterprise customers need to integrate Kubeflow with […]

Read More

Build, train, and deploy Amazon Fraud Detector models using the open source Python SDK

Companies providing digital services are looking for ways to effectively identify fraudulent activities, such as online payment fraud and fake account creation. Amazon Fraud Detector is a fully managed service that uses machine learning (ML) and builds on 20 years of fraud detection expertise from Amazon Web Services (AWS) and Amazon.com to automatically identify potentially […]

Read More

Setting up Amazon Managed Grafana cross-account data source using customer managed IAM roles

Amazon Managed Grafana is a fully managed and secure data visualization service for open source Grafana that enables customers to instantly query, correlate, and visualize operational metrics, logs, and traces for their applications from multiple data sources. Amazon Managed Grafana integrates with multiple Amazon Web Services (AWS) security services, and supports AWS Single Sign-On (AWS […]

Read More
kras99 - stock.adobe.com internet digital security technology concept for business background. Lock on circuit board

Security features of Bottlerocket, an open source Linux-based operating system

Bottlerocket is an open source Linux-based operating system from Amazon that was purpose built for running containers with a strong emphasis on security. The result is an operating system that comes with a variety of built-in controls for creating a secure environment for running containerized workloads. In this post, we’ll explore several of the security […]

Read More
kras99 - stock.adobe.com internet digital security technology concept for business background. Lock on circuit board

Introducing AWS Security Analytics Bootstrap

Organizations running workloads in Amazon Web Services (AWS) often must search and analyze logs to troubleshoot or investigate operations, governance, or security events. Amazon Athena enables AWS customers to search and analyze log data directly from in Amazon Simple Storage Service (Amazon S3) using standard SQL queries. Additionally, we understand that customers need a common […]

Read More
Song_about_summer – stock.adobe.com

Scaling threat prevention on AWS with Suricata

This post was written by Victor Julien, Kelley Misata, Shakeel Ahmad, and Maritza Mills. Suricata is a fast, robust, open source network threat detection engine that includes real-time intrusion detection (IDS), an inline intrusion prevention system (IPS), network security monitoring (NSM), and offline packet capture (pcap) processing. Suricata is owned by the community-run, non-profit Open […]

Read More

Integrating identity providers, such as OneLogin, Ping Identity, Okta, and Azure AD, to SSO into Amazon Managed Grafana

September 8, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. Visit the website to learn more. In December 2020, AWS announced Amazon Managed Grafana, a fully managed service that is developed together with Grafana Labs and based on open source Grafana. Enhanced with enterprise capabilities, Amazon Managed Grafana makes it easier to […]

Read More

Improving HA and long-term storage for Prometheus using Thanos on EKS with S3

Prometheus is an open source systems monitoring and alerting toolkit that is widely adopted as a standard monitoring tool with self-managed and provider-managed Kubernetes. Prometheus provides many useful features, such as dynamic service discovery, powerful queries, and seamless alert notification integration. Beyond certain scale, however, problems arise when basic Prometheus capabilities do not meet requirements […]

Read More

Managing AWS Organizations using the open source org-formation tool — Part 3

This article is a guest post from Olaf Conijn, the creator of org-formation. Part 1: Managing AWS Organizations resources using infrastructure as code Part 2: Integrating management of resources across accounts using task files Part 3: Deploying CloudFormation resources to multiple accounts using Organization Bindings org-formation on GitHub In the first two parts of this […]

Read More