AWS Partner Network (APN) Blog

Category: Advanced (300)


Automating OpenID Connect-Based AWS IAM Web Identity Roles with Microsoft Entra ID

For applications running outside AWS, developers often create IAM users with long-lived credentials, which can increase security risks. Instead, learn how to integrate AWS IAM Web Identity Roles with Microsoft Entra ID for centralized user management. This post walks through manual setup steps to register an app in Entra ID and create a role in AWS, and describes an automated architecture to synchronize Entra ID service principals and AWS roles.

How Coalfire Drives FedRAMP Compliance Without Sacrificing Cloud Deployment Speed

Complying with FedRAMP poses challenges for DevOps teams, including slower deployment speeds, process overhead, and complex AWS GovCloud requirements. To optimize velocity while maintaining compliance, organizations can shift security controls left, automate workflows, and architect secure in-boundary pipelines. With the proper frameworks, teams can increase deployment frequency and reduce change failure rates in FedRAMP environments.

Scalable, Secure, and Efficient AWS Cloud Operations with Crayon’s Landing Zone Accelerator

Crayon’s customizable landing zone accelerator automates setup of a secure, scalable AWS environment aligned to best practices. It establishes foundational accounts, applies baseline security controls, and integrates AWS services across the organization to drive cloud adoption for companies migrating to AWS while also improving governance for existing customers. Crayon guides customers through the landing zone build and subsequent workload migration, providing automation kits to speed deployments.


Modernizing Dealer Operations with Wipro’s Next-Gen Dealer Management System on AWS

Wipro’s next-generation dealer and distributor management system (DMS) provides an omnichannel, microservices-based solution enabling complete visibility and integrated management of all dealer operations. By leveraging AWS’s scalable, reliable, and secure cloud infrastructure, the solution offers benefits like improved analytics, reduced costs, high availability, and faster time-to-market. Wipro provides dealers a modern DMS that addresses advanced requirements around mobile access, IoT, and AI.


Cloudanix’s Real-Time Threat and Anomaly Detection for Workloads on AWS

As cyber threats grow more sophisticated, real-time threat detection is critical for robust cloud security. AWS Partner Cloudanix leverages cloud infrastructure logs and machine learning to provide holistic, agentless monitoring across AWS environments. By analyzing activities and APIs in real time, Cloudanix identifies threats and anomalies, alerts security teams, and recommends remediation steps. This enables rapid incident response, proactive security measures, and comprehensive visibility.

Maximizing Commitment-Based Savings with AWS and Apptio Cloudability

AWS provides discounted pricing through Reserved Instances and Savings Plans in return for usage commitments. Apptio Cloudability helps organizations maximize these commitments by analyzing AWS cost data to identify savings opportunities. Cloudability also offers automation to optimize commitments continuously, achieving higher savings than manual management allows. This frees up financial operations resources to focus on other cloud cost optimization initiatives.


Improve Your Business Strategy Using Syntax CxLink and Amazon Forecast for SAP Workloads

SAP customers are integrating non-SAP applications and machine learning models to improve business strategies. Solutions like Syntax CxLink and Amazon Forecast can connect SAP systems to AWS services to provide insights for supply-demand planning, sales, and automation requirements. This post shows how Syntax CxLink transfers SAP data like sales orders and inventory transactions to Amazon Forecast, which uses algorithms to create highly accurate demand forecasts.

How Cloudanix Secures Containerized Applications Running on Amazon EKS

Kubernetes security is often approached in a fragmented way, separating build time, runtime, and infrastructure security. An interconnected security approach is essential, acknowledging relationships between build, runtime, and infrastructure. Cloudanix enables this through end-to-end integration, from build-time image scanning to runtime threat monitoring, strengthening security posture by reducing attack surface, enhancing compliance, and empowering swift response.


Validating Cost Data for Amazon EKS with Kubecost and AWS Cost Explorer

Kubecost provides granular visibility into Kubernetes cluster costs on AWS, enabling easy comparison with AWS Cost Explorer. This post guides users through validating Kubecost cost data against AWS billing, troubleshooting discrepancies, and ensuring complete resource discovery. It covers aggregating costs in Kubecost dashboards, filtering to compare specific assets, reconciling adjusted pricing, and using CSV exports for programmatic validation.


Trellix vIPS and AWS Gateway Load Balancer Integrate for a Next-Gen Intrusion Prevention System

As enterprises migrate to the cloud, advanced cybersecurity solutions are essential to prevent sophisticated attacks. Trellix’s virtual intrusion prevention system (vIPS) integrates with AWS Gateway Load Balancer to provide real-time threat detection and prevention. Utilizing techniques like behavioral analysis and signatureless detection, Trellix vIPS helps secure VPCs against evolving threats. As an AWS Specialization Partner, Trellix enables resilience against cyberattacks for customers’ cloud environments.