Links
AddJanuary 20, 2020: Based on customer feedback, we rephrased the fourth goal in the “An example structure with nested OUs and SCPs” section to try to improve clarity. With AWS Organizations, you can centrally manage policies across multiple AWS accounts without having to use custom scripts and manual processes. For example, you can apply service […]
This is an open-source version of 'Security Training for Everyone', PagerDuty's internal employee security training, given to all PagerDuty employees as part of our annual security training program.
Production visibility and security for your web applications and APIs
Notes about technology, DevOps, programming, and database
jq is a lightweight command line JSON processor that is very easy to use. Sometimes it is helpful to see your data sorted by a particular field value. Luckily jq makes this easy to do. Here are some sample JSON records we will be working with in this post: Sorting JSON by value with jq […]
You can now enable your on-premises users administer your AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD. Using an Active Directory (AD) trust and the new AWS delegated AD security groups, you can grant administrative permissions to your on-premises users by managing group membership in your on-premises AD directory. […]
Today we’d like to walk you through AWS Identity and Access Management (IAM), federated sign-in through Active Directory (AD) and Active Directory Federation Services (ADFS). With IAM, you can centrally manage users, security credentials such as access keys, and permissions that control which resources users can access. Customers have the option of creating users and […]
Make more informed decisions, improve operations, and differentiate with generative AI
We invent groundbreaking, original toys that fascinate, delight, and educate.
September 12, 2022: This blog post has been updated to reflect the new name of AWS Single Sign-On (SSO) – AWS IAM Identity Center. Read more about the name change here. Today, AWS introduced AWS IAM Identity Center (AWS IAM Identity Center), a service that makes it easy for you to centrally manage IAM Identity […]
Define permissions on a resource in order to grant IAM users access to resources in other AWS accounts.
AWS has released a new whitepaper that has been requested by many AWS customers: AWS Policy Perspectives: Data Residency. Data residency is the requirement that all customer content processed and stored in an IT system must remain within a specific country’s borders, and it is one of the foremost concerns of governments that want to […]
Use roles to grant an IAM user access through identity federation (authorization by an external service).
March 24, 2025: We’ve updated this post to remove an example that referenced an old CA. November 18, 2024: This post was updated to reflect the latest certificate authority information for Amazon issued public certificates. July 11, 2019: The service team has resolved an error that caused customers to see a “Certificate Transparency Required” […]