AWS Public Sector Blog
Tag: AWS IAM
How nonprofits can automate tax-exempt status across AWS accounts
Many nonprofits and other tax-exempt organizations need to make sure their tax status is correct across their Amazon Web Services (AWS) accounts. A new tax analyzer solution automatically detects the tax status of all AWS accounts across an organization. In this blog post, discover how this simple solution identifies which AWS accounts across an organization are paying sales tax, and learn how this solution can quickly remediate tax status by opening an AWS support case automatically.
Elevating cloud security to address regulatory requirements for security and disaster recovery
Learn how you can build a foundation of security objectives practices, including a business continuity and disaster recovery plan, that can be adapted to meet a dynamic policy environment and support the missions of national computer security incident response teams (CSIRT), operators of essential services (OES), digital service providers (DSP), and other identified sector organizations.
Dr. B helps with equitable vaccine distribution using AWS
Healthcare organization Dr. B launched to get as many COVID-19 vaccines into as many arms as possible. To achieve its mission to make access to care—specifically the COVID-19 vaccine—more efficient and equitable, the company created a serverless solution built on Amazon Web Services (AWS).
How to migrate on-premises workloads with AWS Application Migration Service
AWS Application Migration Service (MGN) is a highly automated lift-and-shift solution, which works by replicating your on-premises (physical or virtual) and/or cloud servers into your AWS account. When you’re ready, AWS MGN automatically converts and launches your servers on AWS so you can quickly benefit from the cost savings, productivity, resilience, and agility of the cloud. This guide teaches you how to migrate a content management system platform (CMS), based on an example with WordPress, running on a simulated on-premises environment to AWS Cloud, using MGN.
Sharing SAS data with Athena and ODBC
If you share data with other researchers, especially if they are using a different tool, you can quickly run into version issues, not knowing which file is the most current. Rather than sending data files everywhere, AWS offers a simple way to store your data in one central location so that you can read your data into SAS and still share it with other colleagues. In this blog post, I will explain how to export your data, store it in AWS, and query the data using SAS.
Modern data engineering in higher ed: Doing DataOps atop a data lake on AWS
Modern data engineering covers several key components of building a modern data lake. Most databases and data warehouses, to an extent, do not lend themselves well to a DevOps model. DataOps grew out of frustrations trying to build a scalable, reusable data pipeline in an automated fashion. DataOps was founded on applying DevOps principles on top of data lakes to help build automated solutions in a more agile manner. With DataOps, users apply principles of data processing on the data lake to curate and collect the transformed data for downstream processing. One reason that DevOps was hard on databases was because testing was hard to automate on such systems. At California State University Chancellors Office (CSUCO), we took a different approach by residing most of our logic with a programming framework that allows us to build a testable platform. Learn how to apply DataOps in ten steps.
Enabling SAML 2.0 federation with AWS IAM Identity Center and AWS GovCloud (US)
AWS IAM Identity Center helps administrators centrally manage access to multiple AWS accounts that are members of an AWS Organization. End users can authenticate and then access all their AWS accounts from a single interface. Using IAM Identity Center as a SAML identity provider for your AWS accounts also has security benefits: user credentials provided via federation are temporary. IAM Identity Center does not automatically detect AWS GovCloud (US) accounts associated with standard AWS accounts in your AWS Organization. IAM Identity Center is also not currently available in AWS GovCloud (US). As a result, IAM Identity Center cannot be used to automatically provision access for your users into an AWS GovCloud (US) account. However, this functionality can be extended to enable federation into AWS GovCloud (US) with a “custom SAML 2.0 application” in IAM Identity Center.
How public sector security teams can use serverless technologies to improve outcomes
Serverless applications are typically discreet pieces of code that customers can use to manage security-related processes or stitch together multiple AWS services to solve a larger problem. They allow customers to build and run applications and services without dealing with infrastructure management tasks such as server or cluster provisioning, patching, operating system maintenance, and capacity provisioning. In this blog, I explain the serverless computing model, the Serverless Application Repository (SAR), solution constructs and implementations, why they matter to our government customers, and how they can use them to solve common problems.
Building a government update notification system
Now more than ever, citizens expect effective communications from government agencies in response to COVID-19. These state and local leaders are committed to serving their citizens with the latest news as fast as possible, but not all strategies reach citizens in real time. However, it takes time for the government to implement widely available communication services to provide timely, accurate information. One solution is to concentrate the delivery of information in a single communication channel: SMS text messages.
Assess your security posture to identify and remediate security gaps susceptible to ransomware
As government agencies and public sector organizations modernize their IT and migrate to the AWS Cloud, the ability to gain a full, clear view of the security of their environments is a primary challenge they experience. This lack of visibility leads to blind spots and gaps in their security posture, leaving opportunity for security issues to arise. As a result, AWS developed a new open source Self-Service Security Assessment (with ransomware analysis modules) tool that provides customers with a point-in-time assessment to quickly gain valuable insights into the security posture of their AWS account.