(SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014

•

6 likes•6,493 views

Do you have multiple AWS accounts that you want to share resources across? Considering an AWS partner offering that requires access to your AWS account? Delegation is your friend! Come learn how you can easily and securely delegate access to users in other AWS accounts, 3rd parties, or even other AWS services using delegation options available in AWS Identity and Access Management (IAM).

Technology

{
"Effect":"Allow",
"Principal":{
"AWS":"arn:aws:iam::1111"
},
"Action":"sts:AssumeRole"
}
{
"Effect":"Allow",
"Action":"s3:ListBucket",
"Resource":"*"
}

Session
Access Key ID
Secret Access Key
Expiration
Session Token

Instances Table
Role
User
Your AWS Account
Another AWS Account

1
Authenticate with
“Demo” user’s access
keys
Construct sign-in URL using
the temporary security
credentials to access the
AWS Management Console
3
Assume the
“CrossAccount” role to get
temporary
security credentials
2
Script
“CrossAccount” Role
Trusts: PM Team AWS Account
Grants: EC2 full and IAM read-only
Uses External ID
IAM/STS
My AWS Account
“Demo” IAM User
Can assume the
“CrossAccount” role
IAM/STS
PM Team AWS Account

Partner’s AWS Account
User
Instances Table
Role
External ID
Your AWS Account
ID

{
"Effect": "Allow",
"Principal": {"AWS": "arn:aws:iam::EXAMPLE-CORP-ACCOUNT-ID"},
"Action": "sts:AssumeRole",
"Condition": {
"StringEquals": {
"sts:ExternalId": "ID-ISSUED-BY-EXAMPLE-CORP"
}}}

Partner’s AWS Account
Customer A’s AWS Account
Customer B’s AWS Account
User
Role A
Trusts: Partner account
Role B
Trusts: Partner account
1 Use role B
2 Assume role B
3 Show customer
B’s resources
Only if External ID =
Customer A’s external ID
Only if External ID =
Customer B’s external ID
Pass customer’s external
ID while assuming role

“TrendMicro” Role
Trusts: Trend Micro AWS Account
Grants: Few EC2, ELB, Route53 actions
IAM/STS
My AWS Account1
Authenticate using
access keys of IAM user
in Trend Micro’s AWS
account
Call AWS APIs using the
temporary security
credentials
3
Assume the role to get
temporary security
credentials
2
Route 53Amazon EC2 Elastic Load
Balancing
Trend Micro Deep Security for Web Apps

User
Instances Table
Role
Your AWS Account
AWS Service’s AWS Account

User
Instances Table
RoleInstance
Your AWS Account
EC2 Service’s AWS Account

Amazon
S3
Amazon
DynamoDB
Role: Allow Amazon S3
access but nothing else
Amazon EC2 Instance

Please give us your feedback on this session.
Complete session evaluations and earn re:Invent swag.
http://bit.ly/awsevals

Customers using AWS resources such as EC2 instances, EC2 Security Groups and RDS instances would like to track changes made to such resources and who made those changes. In this session, customers will learn about gaining visibility into user activity in their account and aggregating logs across multiple accounts into a single bucket. Customers will also learn about how they can use the user activity logs to meet the logging guidelines/requirements of different compliance standards. AWS Advanced Technology Partners Splunk/Sumologic (exact partners TBD) will demonstrate applications for analyzing user activity within an AWS account.

(SEC403) Building AWS Partner Applications Using IAM Roles | AWS re:Invent 2014

Amazon Web Services

DevOps for the Enterprise: Automated Testing and Monitoring

Amazon Web Services

Being able to produce deliverables and deploying them efficiently and as quickly as possible are the fundamental enablers of automated testing practices, which create a positive feedback loop to the development team. This webinar goes beyond automated unit tests and shows how to take advantage of the on-demand nature of AWS to run automated performance tests or functional tests. This episode will also cover the core monitoring capabilities offered by AWS, which are critical to give insights to the DevOps teams of the unfolding of test runs. Demos included in this webinar: • Automating the execution of load tests against the target environment • Testing the fault-tolerance of the target environment using Chaos Monkey View the webinar: http://youtu.be/Czf6dmhOzR0

(SEC303) Mastering Access Control Policies | AWS re:Invent 2014

Amazon Web Services

If you have ever wondered how best to scope down permissions in your account, this in-depth look at the AWS Access Control Policy language is for you. We start with the basics of the policy language and how to create policies for users and groups. We look at how to use policy variables to simplify policy management. Finally, we cover some common use cases, such as granting a user secure access to an Amazon S3 bucket, allowing an IAM user to manage their own credentials and passwords, and more.

(SEC316) Harden Your Architecture w/ Security Incident Response Simulations

Amazon Web Services

Using Security Incident Response Simulations (SIRS--also commonly called IR Game Days) regularly keeps your first responders in practice and ready to engage in real events. SIRS help you identify and close security gaps in your platform, and application layers then validate your ability to respond. In this session, we will share a straightforward method for conducting SIRS. Then AWS enterprise customers will take the stage to share their experience running joint SIRS with AWS on their AWS architectures. Learn about detection, containment, data preservation, security controls, and more.

(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014

Amazon Web Services

Crypto Options in AWS

Amazon Web Services

Account Separation and Mandatory Access Control

Amazon Web Services

Are you interested in learning how to control access to your AWS resources? Have you ever wondered how to best scope down permissions to achieve least privilege permissions access control? If your answer to these questions is "yes," this session is for you. We will take an in-depth look at the AWS Identity and Access Management (IAM) policy language. We will start with the basics of the policy language and how to create and attach policies to IAM users, groups, and roles. As we dive deeper, we will explore policy variables, conditions, and other tools to help you author least privilege policies. Throughout the session, we will cover some common use cases, such as granting a user secure access to an Amazon S3 bucket or locking down access to Amazon EC2 instances. The demonstrations will use tools such as the policy editor and policy simulator to debug policies.

(DVO304) AWS CloudFormation Best Practices

Amazon Web Services

"AWS CloudFormation lets you model, provision, and update a collection of AWS resources with JSON templates. You can manage your Infrastructure as Code and deploy stacks from a single Amazon EC2 instance to multi-tier applications. In this session, we will explore CloudFormation best practices in planning and provisioning your AWS infrastructure. We will cover recent product updates that will help users to make the most of this service and demonstrate new features. This session will benefit both new and experienced users of CloudFormation. If you are new to AWS CloudFormation, get up to speed for this session by completing the Working with CloudFormation lab in the self-paced Labs Lounge. "

Deep Dive:EC2 Container Service

Amazon Web Services

Containers and the Evolution of Computing

Amazon Web Services

Increasingly, developers are breaking their applications apart into smaller components and distributing them across a pool of compute resources. Docker is fast becoming a core component of these architectures, but going from a single or a small number of containers to a distributed application is not trivial. In this session we will talk about some of the core architectural principles underlying the Amazon EC2 Container (ECS) and how they are designed to help you scale your applications and run them in production. We will talk about how containers can be used as the foundation for new computing primitives and how these are being used by our customers for increased agility and productivity.

February 2016 Webinar Series - Introducing VPC Support for AWS Lambda

Amazon Web Services

You can now access resources within a Virtual Private Cloud (VPC) using AWS Lambda. In this webinar, we will show how you can enable your AWS Lambda functions to access resources in a VPC. We will walk through the configuration details on how to set up this functionality, and we will demonstrate two sample scenarios. We will also discuss best practices of how to use AWS Lambda in a VPC and sample application designs. Learning Objectives: Learn how to access resources in a VPC with AWS Lambda Who Should Attend: Developers

(ARC401) Cloud First: New Architecture for New Infrastructure

Amazon Web Services

What do companies with internal platforms have to change to succeed in the cloud? The five pillars at the heart of IT solutions in the cloud are automation, fault tolerance, horizontal scalability, security, and cost-effectiveness. This talk discusses tools that facilitate the development and automate the deployment of secure, highly available microservices. The tools were developed using AWS CloudFormation, AWS SDKs, AWS CLI, Amazon RDS, and various open-source software such as Docker. The talk provides concrete examples of how these tools can help developers and architects move from beginning/intermediate AWS practitioners to cloud deployment experts.

(SEC202) Closing the Gap: Moving Critical, Regulated Workloads to AWS | AWS r...

Amazon Web Services

AWS provides a number of tools and processes to help you decide when and how to move audited, regulated, and critical business data to the cloud. In this session, we answer the following questions: when is it time for you to make this significant move? When will you be ready to address industry best practices for control (including third-party audits, access control configurations, incident response, data sovereignty, and encryption). We discuss how some highly regulated AWS customers have addressed the challenges that legacy regulatory requirements present to partners, vendors, and customers in migrating to the AWS Cloud. Finally, we cover general trends we're seeing in several regulated industries leveraging AWS and the trends we're seeing from the regulators themselves who audit and accept AWS control environments.

Monitoring Containers at Scale - September Webinar Series

Amazon Web Services

Containers come and go rapidly, which is great for scalable or fast-evolving infrastructure. However, the short life of containers make it more challenging to monitor, leaving many with questions such as: How many containers can you run on a given Amazon EC2 instance type? Which metric should you look at to measure contention? How do you manage fleets of containers at scale? In this session, we'll present the challenges and benefits of running containers at scale, how to use quantitative performance patterns to monitor your infrastructure at this magnitude and complexity, and we'll discuss proven strategies for monitoring your containerized infrastructure on AWS and ECS. Learning Objectives: - Set up the infrastructure to monitor your containers running on AWS - Understand the metrics available and what they mean - Define a strategy to monitor your containers

Delegating Access to your AWS Environment (SEC303) | AWS re:Invent 2013

Amazon Web Services

At times you may have a need to provide external entities access to resources within your AWS account. You may have users within your enterprise that want to access AWS resources without having to remember a new username and password. Alternatively, you may be creating a cloud-backed application that is used by millions of mobile users. Or you have multiple AWS accounts that you want to share resources across. Regardless of the scenario, AWS Identity and Access Management (IAM) provides a number of ways you can securely and flexibly provide delegated access to your AWS resources. Come learn how to best take advantage of these options in your AWS environment.

대용량 데이타 쉽고 빠르게 분석하기 :: 김일호 솔루션즈 아키텍트 :: Gaming on AWS 2016

Amazon Web Services Korea

AWS Webcast - Active Directory on AWS

Amazon Web Services

Microsoft Active Directory is the foundation for distributed networks built on Windows Server. Learn how our new Active Directory Reference Implementation Guide can help you deploy highly available AD Domain Services on AWS in about an hour. Included will be an overview of the reference architecture, implementation guide, and Cloud Formation templates, which automate much of the process. Two scenarios are covered: one fully cloud-based and one hybrid, using AWS Direct Connect to extend an existing on-premises AD solution into the AWS Cloud.

(SEC302) IAM Best Practices To Live By

Amazon Web Services

This session will cover AWS Identity and Access Management (IAM) best practices that help improve your security posture. We will cover how to manage users and their security credentials. We’ll also explain why you should delete your root access keys—or at the very least, rotate them regularly. Using common use cases, we will demonstrate when to choose between using IAM users and IAM roles. Finally, we will explore how to set permissions to grant least privilege access control in one or more of your AWS accounts.

(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...

Amazon Web Services

(DEV306) Building Cross-Platform Applications Using the AWS SDK for JavaScrip...

Amazon Web Services

JavaScript is the ubiquitous runtime for browser code, and the popularity of Node.js as a server-side platform continues to grow. The AWS SDKs for Node.js and JavaScript in the Browser enable you to call AWS services from either platform. In this talk, we demonstrate the portability of the SDK by building a Node.js web app and then porting the code to run as a browser extension. In the process, you'll learn about a number of the productivity features included in these SDKs.

Announcements for Mobile Developers

Amazon Web Services

Amazon Cognito now makes it easy to sign up and sign in users to your mobile and web apps. Previously, with Amazon Cognito you can use social identity providers like Facebook, Google, Twitter, and Amazon for user sign-in and federate these identities to allow secure access to AWS resources. Now with User Identity Pools in Amazon Cognito, you get a secure, low-cost, and fully managed user directory that can scale to 100s of millions of users. Join us for an overview of Amazon Cognito and how to get started with User Identity Pools.

(SEC310) Integrating AWS with External Identity Management | AWS re:Invent 2014

Amazon Web Services

Amazon Web Services IAM has a cohesive set of features, including authentication, service and resource authorization, and privilege delegation. But how does AWS IAM interact with an organization's external identity management framework? In this session, we will look at the identity disciplines, including authorization, identity governance and administration (IGA), provisioning, authentication and single sign-on-and their associated standards like XACML, SCIM, SAML, OAuth, OpenID Connect, and FIDO. We will specify how these externalized identity functions can be integrated with AWS to deliver a cohesive organizational identity management framework. We will also cover real-world deployments of externalized identity systems with AWS.

Best Practices of IoT in the Cloud

Amazon Web Services

(SEC306) Turn on CloudTrail: Log API Activity in Your AWS Account | AWS re:In...

Amazon Web Services

Do you need to know who made an API call? What resources were acted upon in an API call? Do you need to find the source IP address of an API call? AWS CloudTrail helps you answer these questions. In this session we review the basics of CloudTrail and then dive into CloudTrail features. We demo solutions that you can use to analyze API activity recorded and delivered by CloudTrail. Join us if you are interested in security or compliance and how you can architect, build, and maintain compliant applications on AWS.

Zero to Sixty: AWS Elastic Beanstalk (DMG204) | AWS re:Invent 2013

Amazon Web Services

AWS Elastic Beanstalk provides an easy way for you to quickly deploy and manage applications in the AWS cloud. In this Zero to Sixty session, accelerate your use of Elastic Beanstalk by learning how Nike and VTEX use several of its most powerful features. Through interactive demos and code samples for both Windows and Linux, this session teaches you how to achieve deployments with zero downtime, how to easily enable or disable application functionality via feature flags, and how to customize your Elastic Beanstalk environments with extensions. Demos and code samples are available to all session attendees. Are you new to Elastic Beanstalk? Get up to speed for this session by first completing the 60-minute Fundamentals of Elastic Beanstalk lab in the Self Paced Lab Lounge.

AWS APAC Webinar Week - Getting The Most From EC2

Amazon Web Services

Amazon EC2 forms the backbone compute platform for hundreds of thousands of AWS customers, but how do you go beyond starting an instance and manually configuring it? This webinar takes you on a journey starting with the basics of key creation and security groups and ending with an Auto Scaling application driven by dynamic policies. It will explain the tools you need to create an Auto Scaling configuration and show you how to bootstrap an instance.

(SEC304) Bring Your Own Identities – Federating Access to Your AWS Environmen...

Amazon Web Services

Have you wondered how you can use your corporate directory for accessing AWS? Or how you can build an AWS-powered application accessible to the millions of users from social identity providers like Amazon, Google, or Facebook? If so, this session will give you the tools you need to get started. It will provide a variety of examples to make it easier for you to use other identity pools with AWS, as well as cover open standards like Security Assertion Markup Language (SAML). Anyone who deals with external identities won't want to miss this session.

(MBL401) Social Logins for Mobile Apps with Amazon Cognito | AWS re:Invent 2014

Amazon Web Services

Streamline your mobile app sign-up experience with Amazon Cognito. In this session, we demonstrate how to use Cognito to build secure mobile apps without storing keys in them. Learn how to apply policies to existing Facebook, Google, or Amazon identities to secure access to AWS resources, such as personnel files stored in Amazon S3. Finally, we show how to handle anonymous access to AWS from mobile apps when there is no user logged in.

What's hot

(SEC305) How to Become an IAM Policy Ninja in 60 Minutes or Less

Amazon Web Services

(DVO304) AWS CloudFormation Best Practices

Amazon Web Services

Deep Dive:EC2 Container Service

Amazon Web Services

Containers and the Evolution of Computing

Amazon Web Services

February 2016 Webinar Series - Introducing VPC Support for AWS Lambda

Amazon Web Services

(ARC401) Cloud First: New Architecture for New Infrastructure

Amazon Web Services

(SEC202) Closing the Gap: Moving Critical, Regulated Workloads to AWS | AWS r...

Amazon Web Services

Monitoring Containers at Scale - September Webinar Series

Amazon Web Services

Delegating Access to your AWS Environment (SEC303) | AWS re:Invent 2013

Amazon Web Services

대용량 데이타 쉽고 빠르게 분석하기 :: 김일호 솔루션즈 아키텍트 :: Gaming on AWS 2016

Amazon Web Services Korea

AWS Webcast - Active Directory on AWS

Amazon Web Services

(SEC302) IAM Best Practices To Live By

Amazon Web Services

(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...

Amazon Web Services

(DEV306) Building Cross-Platform Applications Using the AWS SDK for JavaScrip...

Amazon Web Services

Announcements for Mobile Developers

Amazon Web Services

(SEC310) Integrating AWS with External Identity Management | AWS re:Invent 2014

Amazon Web Services

Best Practices of IoT in the Cloud

Amazon Web Services

(SEC306) Turn on CloudTrail: Log API Activity in Your AWS Account | AWS re:In...

Amazon Web Services

Zero to Sixty: AWS Elastic Beanstalk (DMG204) | AWS re:Invent 2013

Amazon Web Services

AWS APAC Webinar Week - Getting The Most From EC2

Amazon Web Services

What's hot (20)

(SEC305) How to Become an IAM Policy Ninja in 60 Minutes or Less

(DVO304) AWS CloudFormation Best Practices

Deep Dive:EC2 Container Service

Containers and the Evolution of Computing

February 2016 Webinar Series - Introducing VPC Support for AWS Lambda

(ARC401) Cloud First: New Architecture for New Infrastructure

(SEC202) Closing the Gap: Moving Critical, Regulated Workloads to AWS | AWS r...

Monitoring Containers at Scale - September Webinar Series

Delegating Access to your AWS Environment (SEC303) | AWS re:Invent 2013

대용량 데이타 쉽고 빠르게 분석하기 :: 김일호 솔루션즈 아키텍트 :: Gaming on AWS 2016

AWS Webcast - Active Directory on AWS

(SEC302) IAM Best Practices To Live By

(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...

(DEV306) Building Cross-Platform Applications Using the AWS SDK for JavaScrip...

Announcements for Mobile Developers

(SEC310) Integrating AWS with External Identity Management | AWS re:Invent 2014

Best Practices of IoT in the Cloud

(SEC306) Turn on CloudTrail: Log API Activity in Your AWS Account | AWS re:In...

Zero to Sixty: AWS Elastic Beanstalk (DMG204) | AWS re:Invent 2013

AWS APAC Webinar Week - Getting The Most From EC2

Viewers also liked

(SEC304) Bring Your Own Identities – Federating Access to Your AWS Environmen...

Amazon Web Services

(MBL401) Social Logins for Mobile Apps with Amazon Cognito | AWS re:Invent 2014

Amazon Web Services

A guide on Aws Security Token Service

Blazeclan Technologies Private Limited

Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...

Amazon Web Services

Learn how AWS IAM enables you to control who can do what in your AWS environment. We discuss how IAM provides flexible access control that helps you maintain security while adapting to your evolving business needs. Wel review how to integrate AWS IAM with your existing identity directories via identity federation. We outline some of the unique challenges that make providing IAM for the cloud a little different. And throughout the presentation, we highlight recent features that make it even easier to manage the security of your workloads on the cloud.

Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C.

Amazon Web Services

Steven Halliwell, General Manager, Amazon Web Services, will provide an Introduction to AWS, Why Organizations are choosing AWS, What Workloads are appropriate on AWS, and How Organizations are getting started with AWS. Steven will discuss what many AWS public sector customers and partners are doing with and saying about AWS. Lastly, Steven will talk about various strategies for how customers and partners can get started with AWS.

Disaster Recovery Sites on AWS: Minimal Cost, Maximum Efficiency

Amazon Web Services

Implementation of a disaster recovery (DR) site is crucial for the business continuity of any enterprise. Due to the fundamental nature of features like elasticity, scalability, and geographic distribution, DR implementation on AWS can be done at 10-50% of the conventional cost. In this session, we do a deep dive into proven DR architectures on AWS and the best practices, tools and techniques to get the most out of them.

(BDT204) Rendering a Seamless Satellite Map of the World with AWS and NASA Da...

Amazon Web Services

NASA imaging satellites deliver GB's of images to Earth every day. Mapbox uses AWS to process that data in real-time and build the most complete, seamless satellite map of the world. Learn how Mapbox uses Amazon S3 and Amazon SQS to stream data from NASA into clusters of EC2 instances running a clever algorithm that stiches images together in parallel. This session includes an in-depth discussion of high-volume storage with Amazon S3, cost-efficient data processing with Amazon EC2 Spot Instances, reliable job orchestration with Amazon SQS, and demand resilience with Auto Scaling.

(ENT210) Accelerating Business Innovation with DevOps on AWS | AWS re:Invent ...

Amazon Web Services

IT must innovate at the speed of market change and many enterprises are realizing that DevOps and cloud computing are a means to this end. Cloud-based DevOps solutions that enforce fine-grain governance policies and automate software releases across the development tool chain can accelerate application time to market while also improving software quality. In this session, attendees learn the following: - How cloud and DevOps together can significantly accelerate software release cycles, so you can speed business innovation and gain competitive advantage - Best practices for leveraging CSC Agility Platform, AWS, and a hybrid IT strategy for DevOps - How to eliminate software release bottlenecks via policy-based automation, orchestration, and governance of application deployment environments. Sponsored by CSC.

Understanding AWS Security

Amazon Web Services

AWS Summit 2014 Melbourne - Breakout 3 The AWS Cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources. Presenter: Stephen Quigg, Solutions Architect, APAC, Amazon Web Services

Running Complex Enterprise Workloads on AWS - Session sponsored by Fronde

Amazon Web Services

AWS Summit 2014 Melbourne - Breakout 2 In the near future the majority of enterprise workloads will be running on public cloud platforms like AWS. In this session Fronde - an organisation with six years experience with AWS - will describe their approach to enterprise IT liberation; how to go about moving your complex workloads and strategies to overcome potential obstacles. We’ll demonstrate how we’ve moved traditional on-premise Citrix Virtual Desktop up to AWS to realise a Cloud Workspace for the future that delivers real business value. Presenter: James Valentine, Chief Technology Officer, Fronde

AWS Webcast - An Introduction to High Performance Computing on AWS

Amazon Web Services

High Performance Computing (HPC) allows scientists and engineers to solve complex science, engineering, and business problems using applications that require high bandwidth, low latency networking, and very high compute capabilities. Learn how the AWS cloud can cost- effectively provide the scalable computing resources, storage services, and analytic tools that enable running various kinds of HPC workloads. Who should attend? Engineers, architects, product managers, data scientists, high performance computing specialists, and researchers from industry and academia, along with technically-minded business stakeholders looking to put data to work for their organization.

Slide kinh nghiệm vận hành Cloud trên Amazon - Huỳnh Kỳ Anh

Luong Trung Thanh

Connect2016 Shipping Domino

Factor-y S.r.l.

(ENT311) Public IaaS Provider Bake-off: AWS vs Azure | AWS re:Invent 2014

Amazon Web Services

Public cloud IaaS services continue to be the hottest segment of the cloud market with Amazon Web Services and Microsoft Azure gaining all the attention. Almost all customers are currently evaluating, selecting or deploying major IaaS services. In this session, Gartner lays out recommended evaluation criteria for IaaS providers and objectively evaluates how AWS and Azure stack up against one another. The following key questions will be answered in this session: What is the recommended evaluation criteria for IaaS providers? How do AWS and Azure compare to one another? What does the future hold for the public IaaS provider market?

Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...

Amazon Web Services

Security is your number one priority and it is ours too. With customers around the world across all industries, it is our top priority to ensure the underlying cloud infrastructure is secure and compliant. This presentation will address our shared security/responsibility model, specific compliance requirements such as FedRAMP, DISA/DoD Cloud Security Models, and detail the specific AWS compliance programs that supports our customers in these compliance environments.

Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013

Amazon Web Services

Streamline your mobile app signup experience with social login. We demonstrate how to use web identity federation to enable users to log into your app using their existing Facebook, Google, or Amazon accounts. Learn how to apply policies to these identities to secure access to AWS resources, such as personal files stored in Amazon S3. Finally, we show how to handle anonymous access to AWS from mobile apps when there is no user logged in.

SEC302 Delegating Access to Your AWS Environment - AWS re: Invent 2012

Amazon Web Services

amazon-cognito-auth-in-minutesVladimir Budilov

(MBL402) Mobile Identity Management & Data Sync Using Amazon Cognito

Amazon Web Services

Developing mobile apps can be complex and time-consuming. Learn how to simplify mobile identity management and data synchronization across devices. In addition, learn how to follow security best practices to give your app access to the resources it needs to provide a great user experience without hard-coding security credentials. We will cover how to easily and securely onboard users as anonymous guests using public login providers like Amazon, Facebook, Twitter, or your own user identity system. We are very excited to have Twitter representatives join us on stage for a deep dive on authenticating users with Twitter and Digits, which enables users to sign in with their phone numbers.

(SDD413) Amazon S3 Deep Dive and Best Practices | AWS re:Invent 2014

Amazon Web Services

Viewers also liked (20)

(SEC304) Bring Your Own Identities – Federating Access to Your AWS Environmen...

(MBL401) Social Logins for Mobile Apps with Amazon Cognito | AWS re:Invent 2014

A guide on Aws Security Token Service

Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...

Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C.

Disaster Recovery Sites on AWS: Minimal Cost, Maximum Efficiency

(BDT204) Rendering a Seamless Satellite Map of the World with AWS and NASA Da...

(ENT210) Accelerating Business Innovation with DevOps on AWS | AWS re:Invent ...

Understanding AWS Security

Running Complex Enterprise Workloads on AWS - Session sponsored by Fronde

AWS Webcast - An Introduction to High Performance Computing on AWS

Slide kinh nghiệm vận hành Cloud trên Amazon - Huỳnh Kỳ Anh

Connect2016 Shipping Domino

(ENT311) Public IaaS Provider Bake-off: AWS vs Azure | AWS re:Invent 2014

Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...

Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013

SEC302 Delegating Access to Your AWS Environment - AWS re: Invent 2012

amazon-cognito-auth-in-minutes

(MBL402) Mobile Identity Management & Data Sync Using Amazon Cognito

(SDD413) Amazon S3 Deep Dive and Best Practices | AWS re:Invent 2014

Similar to (SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014

AWS Identity and Access Management and Consolidated BillingAmazon Web Services

Amazon Web Services Security

Jason Chan

Keep It Secret, Keep It Safe Credentials and Secrets Management on AWS - AWS ...

Amazon Web Services

Are you hard coding credentials in your software? Do you have passwords you need to centrally manage, while maintaining access control? In this session you will learn the best ways of using the AWS platform to build applications with zero knowledge of the credentials that are used. AWS and Xero will talk about the various methods AWS gives you to ensure you can handle secret values with confidence using automation in a multi-account environment. From IAM Roles, to bearer tokens and automatically rotated secrets, we will walk through a real life application and show how easy it is to keep your secrets safe.

AWS Cloud Formation

Mahesh Raj

User Authentication and Cloud Authorization in the Galaxy project: https://do...

Vahid Jalili

Deep Dive into AWS SAM

Amazon Web Services

AWS Serverless Application Model (SAM) is a template driven tool for creating and managing serverless applications. In just a few lines of code you can define complex AWS Lambda based serverless applications, security permissions, and advanced configuration capabilities. Join us as we dive deep into best practices and tricks for using SAM at scale, including how to make the most of the dynamic template capabilities of SAM, how to use advanced features such as deployment preferences and policy templates, and how to debug serverless applications with SAM CLI. Speaker: Chris Munns - Principal Developer Advocate, AWS Serverless Applications, AWS

Deep Dive into AWS SAM: re:Invent 2018 Recap at the AWS Loft - San Francisco

Amazon Web Services

Deep Dive into AWS SAM: re:Invent 2018 Recap at the AWS Loft - San Francisco AWS Serverless Application Model (SAM) is a template driven tool for creating and managing serverless applications. In just a few lines of code you can define complex AWS Lambda based serverless applications, security permissions, and advanced configuration capabilities. Join us as we dive deep into best practices and tricks for using SAM at scale, including how to make the most of the dynamic template capabilities of SAM, how to use advanced features such as deployment preferences and policy templates, and how to debug serverless applications with SAM CLI. Speaker: Chris Munns - Principal Developer Advocate, AWS Serverless Applications

Masterclass Webinar - AWS CloudFormation

Amazon Web Services

Unleash the Power of Temporary AWS Credentials (a.k.a. IAM roles) (SEC390-R1)...

Amazon Web Services

In this chalk talk, we discuss why using temporary security credentials to manage access to your AWS resources is an AWS Identity and Access Management (AWS IAM) best practice. IAM roles help you follow this best practice by delivering and rotating temporary credentials automatically. We discuss the different types of IAM roles, the assume role functionality, and how to author fine-grained trust and access policies that limit the scope of IAM roles. We then show you how to attach IAM roles to your AWS resources, such as Amazon EC2 instances and AWS Lambda functions. We also discuss migrating applications that use long-term AWS access keys to temporary credentials managed by IAM roles.

AWS Security: A Practitioner's Perspective

Jason Chan

Deployment and Management on AWS:  A Deep Dive on Options and Tools

Danilo Poccia

AWS CloudFormation Masterclass

Ian Massingham

AWS CloudFormation is a comprehensive templating language that enables you to create managed 'stacks' of AWS resources, with a growing library of templates available for you to use. But how do you create one from scratch? This presentation will take you through building an AWS CloudFormation template from the ground up, so you can see all the essential template constructs in action. Watch a recording of the webinar based on this presentation on YouTube here: http://youtu.be/6R44BADNJA8 Check out other upcoming webinars in the Masterclass Series here: http://aws.amazon.com/campaigns/emea/masterclass/

AWS CloudFormation Masterclass

Amazon Web Services

Amazon ECS Container Service Deep Dive

Amazon Web Services

Running and managing large scale applications with microservices architectures can be difficult and often requires operating complex container management infrastructure. Amazon EC2 Container Service (ECS) is a highly scalable, high performance service for running and managing Docker applications. In this session, we will walk through a number of patterns and tools used by our customers to run their applications on Amazon ECS. We will show you how to setup, manage, and scale your Amazon ECS resources, and keep them secure. We will also discuss how to monitor your containerized application running on Amazon ECS and we'll provide best practices for logging and service discovery.

AWS IAM and security

Erik Paulsson

Ansible Assume AWS Role

DougBridgens

Overview of Amazon Web Services

Brett Gillett

Managing the Life Cycle of IT Products

Amazon Web Services

In this session, you’ll learn how you can incorporate your IT product lifecycle into the cloud where you can define, publish, monitor, and manage your products. Central IT can enable end-users in their organizations to easily discover and provision these products, from a personalized portal. We will demonstrate using AWS services that enable IT to retain control of resources provisioned in the AWS cloud, track configuration changes and audit user activities. We will also show AWS Marketplace, that helps you find third-party software that you need, buy it, and easily deploy it in the AWS cloud.

Deep Dive - Infrastructure as Code

Amazon Web Services

Many of our customers have adopted DevOps for faster and reliable software delivery. Applying software engineering best practices such as revision control and continuous delivery to your infrastructure is essential for adopting DevOps. In this session, find out how AWS CloudFormation and the associated AWS tools enable DevOps by allowing you to treat infrastructure as code and applying those software engineering best practices to your infrastructure. Speakers: Steven Bryen, AWS Solutions Architect Bruce Jackson, Chief Technology Officer, Myriad Group Rajpal Singh Wilkhu,Principal Engineer, Just Eat

The Best of Both Worlds: Implementing Hybrid IT with AWS (ENT218) | AWS re:In...

Amazon Web Services

(Presented by RightScale) With the increased use of cloud services, organizations are faced with finding the most efficient way to leverage existing IT infrastructure alongside cloud-based compute, storage, and networking resources. This has resulted in the rise of hybrid infrastructure so IT teams can deliver agility and performance with visibility and control. At RightScale, we’ve implemented some of the world’s largest hybrid IT deployments. In this session, we share implementation approaches, architecture design considerations, and steps for a successful hybrid IT model. This session covers: -How to develop a strategy and framework for a successful path to hybrid IT -How to prioritize applications for public cloud versus on-premises -How to manage multiple compute resource pools through a unified management framework -Implementation and continuous improvement of a hybrid IT environment Examples of enterprise hybrid IT implementations include cloudbursting, high availability, and disaster recovery.

Similar to (SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014 (20)

AWS Identity and Access Management and Consolidated Billing

Amazon Web Services Security

Keep It Secret, Keep It Safe Credentials and Secrets Management on AWS - AWS ...

AWS Cloud Formation

User Authentication and Cloud Authorization in the Galaxy project: https://do...

Deep Dive into AWS SAM

Deep Dive into AWS SAM: re:Invent 2018 Recap at the AWS Loft - San Francisco

Masterclass Webinar - AWS CloudFormation

Unleash the Power of Temporary AWS Credentials (a.k.a. IAM roles) (SEC390-R1)...

AWS Security: A Practitioner's Perspective

Deployment and Management on AWS:  A Deep Dive on Options and Tools

AWS CloudFormation Masterclass

Amazon ECS Container Service Deep Dive

AWS IAM and security

Ansible Assume AWS Role

Overview of Amazon Web Services

Managing the Life Cycle of IT Products

Deep Dive - Infrastructure as Code

The Best of Both Worlds: Implementing Hybrid IT with AWS (ENT218) | AWS re:In...

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...

Amazon Web Services

Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS. In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.

Big Data per le Startup: come creare applicazioni Big Data in modalità Server...

Amazon Web Services

La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup. Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti. Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.

Esegui pod serverless con Amazon EKS e AWS Fargate

Amazon Web Services

Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi

Costruire Applicazioni Moderne con AWS

Amazon Web Services

Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.

Come spendere fino al 90% in meno con i container e le istanze spot

Amazon Web Services

L’utilizzo dei container è in continua crescita. Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili. I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!

Open banking as a service

Amazon Web Services

In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th. Event Agenda : Open banking so far (short recap) • PSD2, OB UK, OB Australia, OB LATAM, OB Israel Intro to Open Finance marketplace • Scope • Features • Tech overview and Demo The role of the Cloud The Future of APIs • Complying with regulation • Monetizing data / APIs • Business models • Time to market One platform for all: a Strategic approach Q&A

Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...

Amazon Web Services

Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc. AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta. Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.

OpsWorks Configuration Management: automatizza la gestione e i deployment del...

Amazon Web Services

Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity. AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet. Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.

Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads

Amazon Web Services

Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.

Computer Vision con AWS

Amazon Web Services

Database Oracle e VMware Cloud on AWS i miti da sfatare

Amazon Web Services

Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti. Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi. La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.

Crea la tua prima serverless ledger-based app con QLDB e NodeJS

Amazon Web Services

Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti. Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire. Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito. In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.

API moderne real-time per applicazioni mobili e web

Amazon Web Services

Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline. Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.

Database Oracle e VMware Cloud™ on AWS: i miti da sfatare

Amazon Web Services

Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi. La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali. In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.

Tools for building your MVP on AWSAmazon Web Services

How to Build a Winning Pitch DeckAmazon Web Services

Building a web application without serversAmazon Web Services

Fundraising EssentialsAmazon Web Services

AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services

Introduzione a Amazon Elastic Container Service

Amazon Web Services

Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...

Big Data per le Startup: come creare applicazioni Big Data in modalità Server...

Esegui pod serverless con Amazon EKS e AWS Fargate

Costruire Applicazioni Moderne con AWS

Come spendere fino al 90% in meno con i container e le istanze spot

Open banking as a service

Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...

OpsWorks Configuration Management: automatizza la gestione e i deployment del...

Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads

Computer Vision con AWS

Database Oracle e VMware Cloud on AWS i miti da sfatare

Crea la tua prima serverless ledger-based app con QLDB e NodeJS

API moderne real-time per applicazioni mobili e web

Database Oracle e VMware Cloud™ on AWS: i miti da sfatare

Tools for building your MVP on AWS

How to Build a Winning Pitch Deck

Building a web application without servers

Fundraising Essentials

AWS_HK_StartupDay_Building Interactive websites while automating for efficien...

Introduzione a Amazon Elastic Container Service

Recently uploaded

JMeter webinar - integration with InfluxDB and Grafana

RTTS

Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application. In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics. Length: 30 minutes Session Overview ------------------------------------------- During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana: - What out-of-the-box solutions are available for real-time monitoring JMeter tests? - What are the benefits of integrating InfluxDB and Grafana into the load testing stack? - Which features are provided by Grafana? - Demonstration of InfluxDB and Grafana using a practice web application To view the webinar recording, go to: https://www.rttsweb.com/jmeter-integration-webinar

How world-class product teams are winning in the AI era by CEO and Founder, P...

Product School

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Ramesh Iyer

In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Tobias Schneck

As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other? Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

Abida Shariff

Key Trends Shaping the Future of Infrastructure.pdf

Cheryl Hung

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

UiPathCommunity

💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™: See how to accelerate model training and optimize model performance with active learning Learn about the latest enhancements to out-of-the-box document processing – with little to no training required Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath. Speakers: 👨‍🏫 Andras Palfi, Senior Product Manager, UiPath 👩‍🏫 Lenka Dulovicova, Product Program Manager, UiPath

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

FIDO Alliance

ODC, Data Fabric and Architecture User Group

CatarinaPereira64715

FIDO Alliance Osaka Seminar: Overview.pdf

FIDO Alliance

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Bits & Pixels using AI for Good.........

Alison B. Lowndes

Neuro-symbolic is not enough, we need neuro-*semantic*

Frank van Harmelen

Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”. All of this illustrated with link prediction over knowledge graphs, but the argument is general.

Recently uploaded (20)

JMeter webinar - integration with InfluxDB and Grafana

How world-class product teams are winning in the AI era by CEO and Founder, P...

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024

Epistemic Interaction - tuning interfaces to provide information for AI support

IOS-PENTESTING-BEGINNERS-PRACTICAL-GUIDE-.pptx

Key Trends Shaping the Future of Infrastructure.pdf

Accelerate your Kubernetes clusters with Varnish Caching

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

ODC, Data Fabric and Architecture User Group

FIDO Alliance Osaka Seminar: Overview.pdf

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DevOps and Testing slides at DASA Connect

Bits & Pixels using AI for Good.........

Neuro-symbolic is not enough, we need neuro-*semantic*

(SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014

7. { "Effect":"Allow", "Principal":{ "AWS":"arn:aws:iam::1111" }, "Action":"sts:AssumeRole" } { "Effect":"Allow", "Action":"s3:ListBucket", "Resource":"*" }

9. Session Access Key ID Secret Access Key Expiration Session Token

10.

11. AWS Account Instances Table User

12.

13.

14. Instances Table Role User Your AWS Account Another AWS Account

15. 1 Authenticate with “Demo” user’s access keys Construct sign-in URL using the temporary security credentials to access the AWS Management Console 3 Assume the “CrossAccount” role to get temporary security credentials 2 Script “CrossAccount” Role Trusts: PM Team AWS Account Grants: EC2 full and IAM read-only Uses External ID IAM/STS My AWS Account “Demo” IAM User Can assume the “CrossAccount” role IAM/STS PM Team AWS Account

16.

17. Partner’s AWS Account User Instances Table Role External ID Your AWS Account ID

18. { "Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::EXAMPLE-CORP-ACCOUNT-ID"}, "Action": "sts:AssumeRole", "Condition": { "StringEquals": { "sts:ExternalId": "ID-ISSUED-BY-EXAMPLE-CORP" }}}

19. Partner’s AWS Account Customer A’s AWS Account Customer B’s AWS Account User Role A Trusts: Partner account Role B Trusts: Partner account 1 Use role B 2 Assume role B 3 Show customer B’s resources Only if External ID = Customer A’s external ID Only if External ID = Customer B’s external ID Pass customer’s external ID while assuming role

20. “TrendMicro” Role Trusts: Trend Micro AWS Account Grants: Few EC2, ELB, Route53 actions IAM/STS My AWS Account1 Authenticate using access keys of IAM user in Trend Micro’s AWS account Call AWS APIs using the temporary security credentials 3 Assume the role to get temporary security credentials 2 Route 53Amazon EC2 Elastic Load Balancing Trend Micro Deep Security for Web Apps

21.

22.

23. User Instances Table Role Your AWS Account AWS Service’s AWS Account

24.

25. User Instances Table RoleInstance Your AWS Account EC2 Service’s AWS Account

26. Amazon S3 Amazon DynamoDB Role: Allow Amazon S3 access but nothing else Amazon EC2 Instance

27.

28.

29.

30. Please give us your feedback on this session. Complete session evaluations and earn re:Invent swag. http://bit.ly/awsevals

(SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (20)

Similar to (SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014

Similar to (SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014 (20)

More from Amazon Web Services

More from Amazon Web Services (20)

Recently uploaded

Recently uploaded (20)

(SEC302) Delegating Access to Your AWS Environment | AWS re:Invent 2014