AWS Security Blog

Category: Federation

Now Available: Videos and Slide Decks from the re:Invent 2015 Security and Compliance Track

Whether you want to review a Security and Compliance track session you attended at re:Invent 2015, or you want to experience a session for the first time, videos and slide decks from the Security and Compliance track are now available. SEC201: AWS Security State of the Union: How Should We All Think About Security? Video Slide […]

Read More

AWS IAM Sessions at re:Invent 2015

As I said last week, the breakout sessions for the Security & Compliance track have been announced and are shown in the re:Invent 2015 session catalog. If you are going to re:Invent 2015, you can add these sessions to your schedule now. Today, I will highlight the AWS Identity and Access Management (IAM) sessions that […]

Read More

How to Implement a General Solution for Federated API/CLI Access Using SAML 2.0

Note: Active Directory Federation Services (AD FS) 3.0 uses form-based authentication by default. If you are using AD FS 3.0 in this configuration, use the solution presented in this post. In my earlier post, How to Implement Federated API and CLI Access Using SAML 2.0 and AD FS, I walked through how to implement federated API […]

Read More

How to Connect Your On-Premises Active Directory to AWS Using AD Connector

AD Connector is designed to give you an easy way to establish a trusted relationship between your Active Directory and AWS. When AD Connector is configured, the trust allows you to: Sign in to AWS applications such as Amazon WorkSpaces, Amazon WorkDocs, and Amazon WorkMail by using your Active Directory credentials. Seamlessly join Windows instances […]

Read More

In Case You Missed These: Recent AWS Security Blog Posts

Just in case you missed any of the AWS Security Blog posts from the last month or so, we have summarized and linked to them in this blog post. The linked posts are shown in reverse chronological order (most recent first), and the subject matter ranges from privacy and data security at Amazon to AWS […]

Read More

How to Implement Federated API and CLI Access Using SAML 2.0 and AD FS

Note 1: On August 12, 2015, I published a follow-up to this post, which is called How to Implement a General Solution for Federated API/CLI Access Using SAML 2.0. Be sure to see that post if you want to implement a general federation solution (not specific to AD FS). Note 2: This post focuses on NTLM authentication, […]

Read More

New Whitepaper—Single Sign-On: Integrating AWS, OpenLDAP, and Shibboleth

The newly released whitepaper, Single Sign-On: Integrating AWS, OpenLDAP, and Shibboleth, will help you integrate your existing LDAP-based user directory with AWS. When you integrate your existing directory with AWS, your users can access AWS by using their existing credentials. This means that your users don’t need to maintain yet another user name and password […]

Read More

AWS Security Token Service Is Now Available in Every AWS Region

AWS Security Token Service (STS), which enables your applications to request temporary security credentials, is now available in every AWS region. Previously, STS had only a single endpoint (https://sts.amazonaws.com), but now, there is an endpoint in every AWS region. By bringing STS to a region geographically closer to you, your applications and services can call […]

Read More

Federated Users Can Now Access the AWS Support Center

Recently, the AWS Support Center moved to the AWS Management Console. In addition to providing a better user experience, it enabled another important feature – federated access. Users in your company can now use their existing credentials to access the AWS Support Center for actions like creating a case, looking at the case history, or […]

Read More

Building an App Using Amazon Cognito and an OpenID Connect Identity Provider

Today, I’m happy to announce that AWS now supports OpenID Connect (OIDC), an open standard that enables app developers to leverage additional identity providers for authentication. Now you can use Amazon Cognito to easily build AWS-powered apps that use identities from any provider that supports this industry standard. This compliments the existing capabilities to use […]

Read More