Category: Security, Identity, & Compliance

Introduction In this blog post, I will show you how to selectively share a central AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD) directory across your multi-account environment through a self-service model using AWS Service Catalog. In a large and growing AWS Organizations environment with decentralized teams, you want to remove as […]

For customers that have workloads in the AWS Cloud, a common use case is the provisioning of new user accounts in Active Directory, and subsequently, WorkSpaces for these new users. In this blog post, we will present an efficient and reusable solution to automate the creation, provisioning, and deprovisioning of Microsoft Active Directory (AD) user […]

In this blog post, we explore how the Microsoft SQL Server backup metadata, known as backup headers, can be leveraged when migrating from on premises to Amazon Elastic Compute Cloud (Amazon EC2). This technique is particularly useful when access to source database information is non-existent or only backup files are available with no access to […]

In this blog post, we will demonstrate how you can set up self-managed licenses to be tracked automatically through tagging. Managing licenses for software running on Amazon Elastic Compute Cloud (Amazon EC2) is critical for compliance and auditing purposes. Amazon Web Services (AWS) provides a free tool, AWS License Manager, to help you manage your licenses. However, license […]

Introduction In this blog post, I am going to show you how to generate, import, test, and troubleshoot a properly created Transport Layer Security (TLS) certificate for a Remote Desktop Gateway (RD Gateway) farm. Secure management of your Amazon Elastic Compute Cloud (Amazon EC2) instances for Microsoft Windows Server is a top priority for any […]

Introduction In this blog post, I am going to show you how easy it is to deploy a secure infrastructure to manage your Amazon Elastic Cloud Compute (EC2) instances for Microsoft Windows Server through the automation provided by AWS Launch Wizard. AWS Launch Wizard offers a guided way of sizing, configuring, and deploying AWS resources […]

In this blog post, we will guide you through the process of setting up an AWS Lambda authorizer with Microsoft Entra ID (formerly Azure Active Directory) using OpenID Connect (OIDC). This will allow you to use the authentication from Entra ID as an identity provider for your Amazon API Gateway. Securing your APIs is crucial […]

In this blog post, we will present a sample solution and provide recommendations on how to reduce both the cost and time associated with a Microsoft Windows Server instance joining an Amazon Elastic Compute Cloud (Amazon EC2) Auto Scaling group up to 78%. Customers using Amazon EC2 Auto Scaling often desire faster scale-out times to […]

In this blog post, we will look at how to automate the rotation of the AWS Identity and Access Management (IAM) credentials synchronized with Microsoft SQL Server credentials to meet password rotation requirements. Solution overview The IAM Access key and Secret access key are used to create a SQL Server credential; therefore, to rotate the […]

In this blog post, you will learn how to use custom attributes for Attribute-Based Access Control (ABAC) with Microsoft Entra ID (formerly known as Azure Active Directory) as the single sign-on (SSO) identity provider integrated with AWS IAM Identity Center (formerly known as AWS SSO). ABAC allows you to control access or fine-grained permissions to […]