AD Authenticate the AWS Management Console
Alan Williams
Enterprise Architect
Advanced AWS Meetup – June 2015
© 2015 Autodesk
Who Am I?
• Technology Generalist
• Background in Infrastructure
• @ Autodesk ~10 years
• Spoken at OpenWorld, .conf and re:Invent
• AWS user for ~5 years
• Motorcyclist
• Soft spot for pit bulls
• @alanwill on
Who is Autodesk?
• Leader in 3D design, engineering and entertainment software
• Introduced AutoCAD in 1982
• Empowering the Maker movement
• Helping our customers imagine, design and create a better world
• ~11,000 global employees
autodesk.com/careers
Agenda
• Problem
• Solution
• Demo
• How
• Benefits
• Next

Problem
• Identity Management
  • Too many
  • Lots of AWS accounts
• Access Control
  • Too complex to manage
  • Too difficult to enforce
• Inconvenient
  • What’s my password?
Solution
• AWS Federated Logins
  • IAM Identity Providers
• On-premises Identity Provider
  • PingFederate, Okta etc…
• On-premises Identity Store
  • Active Directory
• SAML
  • Security Assertion Markup Language
Demo

How (the gory details)

Workflow
*Diagram adapted from AWS STS documentation for Autodesk relevance
http://docs.aws.amazon.com/STS/latest/UsingSTS/STSMgmtConsole-SAML.html
#1 – IdP Initiated SSO
• Go to IdP page
  • Example: https://aws.company.com
• Enter AD credentials
  • jdoe / ********
#2/3 – Authentication
• AD
  • Validates credentials
  • Responds with all user’s security groups to IdP
• IdP
  • Applies filters and performs field extraction
  • Sends to client AWS account(s) + IAM role(s) in SAML assertion
AD Security Group Naming Convention

#4/5/6 – Authorization
• Client posts assertion to AWS SSO endpoint
• AWS validates request and matches AWS account numbers and roles
• Presents list of AWS accounts to user for sign in
How (on the AWS end)

Create IAM Identity Provider

Create IAM Role
Optional: Multiple Roles

Role Name           Example IAM Role Policy
Account-Admin       AdministratorAccess Policy
Account-ReadOnly    ReadOnlyAccess Policy
Application-Admins  PowerUserAccess Policy
Database-Admins     AmazonRDSFullAccess + AmazonRedshiftFullAccess Policies
Network-Admins      AmazonVPCFullAccess + AWSDirectConnectFullAccess Policies
Security-Admins     SecurityAudit Policy
Server-Admins       AmazonEC2FullAccess Policy

Optional: Multiple Roles, same account
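The following is an added example, not code from the deck or from Autodesk: an offline Python simulation of the IdP-side filter and field extraction in steps #2/3, the AWS-side account and role matching in steps #4/5/6 (including a user holding multiple roles in one account), and the trust policy a role from the "Create IAM Role" step needs. The AD group naming convention AWS-<account>-<RoleName>, the provider name CorpIdP and the sample group list are assumptions; the SAML attribute names, the https://signin.aws.amazon.com/saml audience and the trust-policy shape are AWS's documented ones.

```python
import json
import re

# ASSUMPTION: AD group naming convention AWS-<12-digit account>-<RoleName>.
# The deck's real convention is on a slide image not reproduced in the text.
GROUP_RE = re.compile(r"^AWS-(?P<account>\d{12})-(?P<role>[\w+=,.@-]+)$")
SAML_PROVIDER = "CorpIdP"  # ASSUMPTION: name given to the IAM identity provider
AWS_SAML_AUDIENCE = "https://signin.aws.amazon.com/saml"  # AWS console SSO endpoint
ATTR_ROLE = "https://aws.amazon.com/SAML/Attributes/Role"
ATTR_SESSION = "https://aws.amazon.com/SAML/Attributes/RoleSessionName"

# Constructed sample input: everything AD returned for jdoe in step #2.
AD_GROUPS_JDOE = [
    "Domain Users",
    "AWS-111111111111-Account-Admin",
    "AWS-111111111111-Database-Admins",   # second role in the same account
    "AWS-222222222222-Account-ReadOnly",
    "AWS-22222222222-Server-Admins",      # 11-digit account: malformed, dropped
    "aws-333333333333-Account-Admin",     # wrong case: not the convention, dropped
    "VPN-Users",
]


def filter_groups(ad_groups):
    """IdP step #2/3: apply the naming filter and extract (account, role)."""
    pairs = set()
    for group in ad_groups:
        m = GROUP_RE.match(group)
        if m:
            pairs.add((m["account"], m["role"]))
    return sorted(pairs)


def role_attribute_values(pairs):
    """Role attribute values AWS expects: '<role ARN>,<SAML provider ARN>',
    one entry per account + role the user may sign in to."""
    return [
        f"arn:aws:iam::{acct}:role/{role},"
        f"arn:aws:iam::{acct}:saml-provider/{SAML_PROVIDER}"
        for acct, role in pairs
    ]


def assertion_attributes(username, ad_groups):
    """Attribute values the IdP places in the SAML assertion sent to the
    client in step #3 (signing and the XML envelope are out of scope)."""
    return {
        ATTR_SESSION: [username],
        ATTR_ROLE: role_attribute_values(filter_groups(ad_groups)),
    }


ARN_PAIR_RE = re.compile(
    r"^arn:aws:iam::(?P<racct>\d{12}):role/(?P<role>[\w+=,.@-]+),"
    r"arn:aws:iam::(?P<pacct>\d{12}):saml-provider/(?P<provider>[\w.-]+)$"
)


def match_roles(role_values, registered_providers):
    """AWS steps #4/5: keep only well-formed pairs whose role and provider
    live in the same account and whose provider is registered there.
    registered_providers maps account id -> set of IAM SAML provider names
    (a constructed stand-in for the 'Create IAM Identity Provider' step).
    Returns the (account, role) choices shown to the user in step #6."""
    choices = []
    for value in role_values:
        m = ARN_PAIR_RE.match(value)
        if not m:
            continue
        if m["racct"] != m["pacct"]:
            continue  # a provider in one account cannot vouch for another
        if m["provider"] not in registered_providers.get(m["racct"], set()):
            continue  # this account never on-boarded the IdP
        choices.append((m["racct"], m["role"]))
    return choices


def saml_trust_policy(account):
    """Trust policy for a role from the 'Create IAM Role' step: only the
    account's own SAML provider may assume it, and only for console sign-in
    (the SAML:aud condition pins the audience to the AWS SSO endpoint)."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {
                "Federated": f"arn:aws:iam::{account}:saml-provider/{SAML_PROVIDER}"
            },
            "Action": "sts:AssumeRoleWithSAML",
            "Condition": {"StringEquals": {"SAML:aud": AWS_SAML_AUDIENCE}},
        }],
    }


if __name__ == "__main__":
    attrs = assertion_attributes("jdoe", AD_GROUPS_JDOE)
    providers = {"111111111111": {SAML_PROVIDER}, "222222222222": {SAML_PROVIDER}}
    print(json.dumps(attrs, indent=2))
    print(match_roles(attrs[ATTR_ROLE], providers))
    print(json.dumps(saml_trust_policy("111111111111"), indent=2))
```

Note that the malformed and wrong-case groups never reach the assertion, and a role whose account has not registered the provider is silently absent from the sign-in list rather than producing an error the user can act on.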
Optional: Two Factor Authentication

On-boarding New Accounts
• Create AD Security Groups following naming convention
• Create IAM Identity Provider
• Create IAM Roles

Managing Access
• AD security group membership
• Role based access control
Benefits
• Standardized authentication
• Improved security
• Convenient user experience
• Flexible
• Scalable to 100s+ accounts

What’s Next
Next Steps
• IAM Keys Vending Machine
  • Access/Secret Key self service portal
  • Temporary, expires in 24 hours

Documentation Resources
• Using Identity Providers
  http://goo.gl/qf7NpN
• Using SAML Providers
  http://goo.gl/cBMswu
• IAM Federated User Access
  http://goo.gl/5nIMt9
Autodesk is a registered trademark of Autodesk, Inc., and/or its subsidiaries and/or affiliates in the USA and/or other countries. All other brand names, product names, or trademarks belong to their respective holders. Autodesk reserves the right to alter product and services offerings, and specifications and pricing at any time without notice, and is not responsible for typographical or graphical errors that may appear in this document.
© 2015 Autodesk. All rights reserved.

Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 

Kürzlich hochgeladen (20)

Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 

AD Authenticate All The Things

  • 1. AD Authenticate the AWS Management Console
       Alan Williams, Enterprise Architect
       Advanced AWS Meetup – June 2015
  • 2. Who Am I? (© 2015 Autodesk)
       - Technology Generalist
       - Background in Infrastructure
       - @ Autodesk ~10 years
       - Spoken at OpenWorld, .conf and re:Invent
       - AWS user for ~5 years
       - Motorcyclist
       - Soft spot for pit bulls
       - @alanwill on
  • 3. Who is Autodesk?
       - Leader in 3D design, engineering and entertainment software
       - Introduced AutoCAD in 1982
       - Empowering the Maker movement
       - Helping our customers imagine, design and create a better world
       - ~11,000 global employees
  • 5. Agenda
       - Problem
       - Solution
       - Demo
       - How
       - Benefits
       - Next
  • 7. Problem
       - Identity Management
         - Too many
         - Lots of AWS accounts
       - Access Control
         - Too complex to manage
         - Too difficult to enforce
       - Inconvenient
         - What's my password?
  • 10. Solution
       - AWS Federated Logins
         - IAM Identity Providers
       - On-premises Identity Provider
         - PingFederate, Okta etc.
       - On-premises Identity Store
         - Active Directory
       - SAML
         - Security Assertion Markup Language
  • 11. Demo
  • 13. Workflow
       Diagram adapted from the AWS STS documentation for Autodesk relevance:
       http://docs.aws.amazon.com/STS/latest/UsingSTS/STSMgmtConsole-SAML.html
  • 14. #1 – IdP Initiated SSO
       - Go to the IdP page (example: https://aws.company.com)
       - Enter AD credentials (jdoe / ********)
  • 15. #2/3 – Authentication
       - AD validates the credentials and returns all of the user's security groups to the IdP
       - The IdP filters those groups, extracts the AWS account and role fields from their names, and sends the client a SAML assertion carrying the AWS account(s) and IAM role(s) the user may assume
  • 16. AD Security Group Naming Convention
  • 17. #4/5/6 – Authorization
       - The client posts the assertion to the AWS SSO endpoint
       - AWS validates the assertion and matches the AWS account numbers and roles it names against the SAML providers and IAM roles in those accounts
       - AWS presents the list of AWS accounts (and roles) to the user for sign in
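The following is an added example, not code from the slides or from Autodesk's implementation. It runs the two halves of slides 15 and 17 offline on constructed data: the IdP side filters the user's AD groups and emits the values of the Role attribute AWS expects in the assertion, and the AWS side parses those values and builds the account/role list shown at sign in, rejecting anything malformed. The AD group naming convention (AWS-<12-digit account id>-<RoleName>) and the SAML provider name "PingFederate" are assumptions; slide 16 names a convention but does not show it. The attribute names and the Role value format "<role ARN>,<saml-provider ARN>" are the ones AWS documents for SAML console federation.

```python
"""Added example, not code from the slides: the IdP-side group filtering of
slide 15 and the AWS-side checks of slide 17, run offline on constructed data.

Assumptions (hypothetical, not taken from the deck):
  - AD group naming convention  AWS-<12-digit account id>-<RoleName>
    (slide 16 names the convention but its content is an image)
  - the IAM SAML provider in every account is called "PingFederate"
"""
import re
from typing import Dict, List, Tuple

# Assumed AD group convention. Commas are excluded from the role part on
# purpose: AWS separates the two ARNs in the Role attribute with a comma.
GROUP_RE = re.compile(r"^AWS-(\d{12})-([A-Za-z0-9+=.@_-]{1,64})$")
SAML_PROVIDER_NAME = "PingFederate"          # assumed name

# Attribute names AWS requires in the assertion (AWS documented values).
ROLE_ATTR = "https://aws.amazon.com/SAML/Attributes/Role"
SESSION_ATTR = "https://aws.amazon.com/SAML/Attributes/RoleSessionName"
ARN_RE = re.compile(r"^arn:aws:iam::(\d{12}):(role|saml-provider)/([\w+=.@-]{1,64})$")


def groups_to_role_values(groups: List[str]) -> List[str]:
    """IdP step (slide 15): drop groups outside the convention and turn each
    matching group into "<role ARN>,<saml-provider ARN>"."""
    values = []
    for group in groups:
        match = GROUP_RE.match(group)
        if not match:
            continue                         # e.g. "Domain Users": filtered out
        account, role = match.groups()
        values.append(
            f"arn:aws:iam::{account}:role/{role},"
            f"arn:aws:iam::{account}:saml-provider/{SAML_PROVIDER_NAME}"
        )
    return values


def assertion_attributes(sam_account_name: str, groups: List[str]) -> Dict[str, List[str]]:
    """The two attributes the IdP must put in the SAML assertion for AWS."""
    return {ROLE_ATTR: groups_to_role_values(groups), SESSION_ATTR: [sam_account_name]}


def parse_role_value(value: str) -> Tuple[str, str, str]:
    """AWS-side check (slide 17): a value is exactly one role ARN plus one
    saml-provider ARN, both in the same account. Returns (account, role, provider)."""
    parts = [p.strip() for p in value.split(",")]
    if len(parts) != 2:
        raise ValueError(f"expected two ARNs separated by a comma: {value!r}")
    found = {}
    for part in parts:
        match = ARN_RE.match(part)
        if not match:
            raise ValueError(f"not an IAM role/provider ARN: {part!r}")
        account, kind, name = match.groups()
        found[kind] = (account, name)
    if set(found) != {"role", "saml-provider"}:
        raise ValueError(f"need one role and one saml-provider ARN: {value!r}")
    if found["role"][0] != found["saml-provider"][0]:
        raise ValueError(f"role and provider live in different accounts: {value!r}")
    return found["role"][0], found["role"][1], found["saml-provider"][1]


def is_valid_role_value(value: str) -> bool:
    """True when AWS would accept the Role attribute value, False otherwise."""
    try:
        parse_role_value(value)
        return True
    except ValueError:
        return False


def accounts_for_signin(role_values: List[str]) -> Dict[str, List[str]]:
    """Slide 17: the account -> roles list AWS shows the user to pick from.
    One malformed value rejects the whole assertion, as a real verifier would."""
    choices: Dict[str, List[str]] = {}
    for value in role_values:
        account, role, _provider = parse_role_value(value)
        choices.setdefault(account, []).append(role)
    return choices


# Constructed sample input: the groups AD might return for user "jdoe".
SAMPLE_GROUPS = [
    "Domain Users",
    "AWS-111111111111-Account-ReadOnly",
    "AWS-222222222222-Database-Admins",
    "AWS-222222222222-Account-Admin",
    "AWS-Legacy-Admins",                     # ignores the convention: dropped
]

if __name__ == "__main__":
    attrs = assertion_attributes("jdoe", SAMPLE_GROUPS)
    for value in attrs[ROLE_ATTR]:
        print("Role attribute:", value)
    print("Sign-in choices:", accounts_for_signin(attrs[ROLE_ATTR]))
```

The split matters operationally: the IdP decides which roles appear in the assertion, and AWS only checks that each role/provider pair is well formed and exists. In this design, whoever can create groups that match the convention or change their membership is effectively granting AWS roles, so AD group changes for the AWS-* groups deserve the same change control and audit as IAM policy edits.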
  • 21–25. Create IAM Identity Provider
  • 26. Create an IAM Role
  • 32. Optional: Multiple Roles

       Role Name            Example IAM Role Policy
       ------------------   ------------------------------------------------
       Account-Admin        AdministratorAccess
       Account-ReadOnly     ReadOnlyAccess
       Application-Admins   PowerUserAccess
       Database-Admins      AmazonRDSFullAccess + AmazonRedshiftFullAccess
       Network-Admins       AmazonVPCFullAccess + AWSDirectConnectFullAccess
       Security-Admins      SecurityAudit
       Server-Admins        AmazonEC2FullAccess
  • 33. Optional: Multiple Roles, same account
  • 34. Optional: Two Factor Authentication
  • 35. On-boarding New Accounts
       - Create AD Security Groups following the naming convention
       - Create the IAM Identity Provider
       - Create the IAM Roles
  • 36. Managing Access
       - AD security group membership
       - Role based access control
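The following is an added example, not code from the slides or from Autodesk. It takes the role table of slide 32 and the on-boarding steps of slide 35 and turns them into a reviewable plan for one AWS account: the AD group each role maps to, the trust policy that lets only that account's SAML provider assume the role, the AWS managed policies to attach, and the equivalent AWS CLI commands. Nothing is executed; the point is to see the full set of grants before applying them. The provider name "PingFederate", the metadata file path and the AD group convention AWS-<account id>-<RoleName> are assumptions; the sts:AssumeRoleWithSAML action and the SAML:aud condition are the values AWS documents for SAML-federated roles.

```python
"""Added example, not code from the slides: the per-account on-boarding of
slides 26, 32 and 35 expressed as reviewable data plus the equivalent AWS
CLI commands, so the roles and their policies can be checked before anything
is applied.

Assumptions (hypothetical, not from the deck): the provider name
"PingFederate", the AD group convention AWS-<account id>-<RoleName>, and
the metadata file path. The sts:AssumeRoleWithSAML action and the SAML:aud
condition are the values AWS documents for SAML-federated roles.
"""
import json
import shlex
from typing import Dict, List

AWS_MANAGED_PREFIX = "arn:aws:iam::aws:policy/"
AWS_SAML_AUDIENCE = "https://signin.aws.amazon.com/saml"   # console SAML sign-in endpoint
SAML_PROVIDER_NAME = "PingFederate"                         # assumed provider name

# The role table from slide 32 as data; every entry is an AWS managed policy.
ROLE_POLICIES: Dict[str, List[str]] = {
    "Account-Admin":      ["AdministratorAccess"],
    "Account-ReadOnly":   ["ReadOnlyAccess"],
    "Application-Admins": ["PowerUserAccess"],
    "Database-Admins":    ["AmazonRDSFullAccess", "AmazonRedshiftFullAccess"],
    "Network-Admins":     ["AmazonVPCFullAccess", "AWSDirectConnectFullAccess"],
    "Security-Admins":    ["SecurityAudit"],
    "Server-Admins":      ["AmazonEC2FullAccess"],
}


def is_account_id(value: str) -> bool:
    """AWS account ids are exactly 12 decimal digits."""
    return value.isdigit() and len(value) == 12


def saml_provider_arn(account_id: str) -> str:
    return f"arn:aws:iam::{account_id}:saml-provider/{SAML_PROVIDER_NAME}"


def trust_policy(account_id: str) -> dict:
    """Trust policy for a SAML-federated role: only this account's provider may
    assume it, and only for the console sign-in audience."""
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": saml_provider_arn(account_id)},
            "Action": "sts:AssumeRoleWithSAML",
            "Condition": {"StringEquals": {"SAML:aud": AWS_SAML_AUDIENCE}},
        }],
    }


def onboarding_plan(account_id: str, metadata_path: str = "idp-metadata.xml") -> dict:
    """Slide 35 for one account: AD group per role, trust policy, managed policies."""
    if not is_account_id(account_id):
        raise ValueError(f"not a 12-digit AWS account id: {account_id!r}")
    roles = {
        role: {
            "ad_group": f"AWS-{account_id}-{role}",       # assumed convention
            "trust_policy": trust_policy(account_id),
            "managed_policy_arns": [AWS_MANAGED_PREFIX + p for p in policies],
        }
        for role, policies in ROLE_POLICIES.items()
    }
    return {"account_id": account_id, "metadata_path": metadata_path, "roles": roles}


def cli_commands(plan: dict) -> List[str]:
    """The AWS CLI calls that would apply the plan (run with credentials for the
    target account; nothing here executes them)."""
    cmds = [
        f"aws iam create-saml-provider --name {SAML_PROVIDER_NAME} "
        f"--saml-metadata-document file://{shlex.quote(plan['metadata_path'])}"
    ]
    for role, spec in plan["roles"].items():
        doc = json.dumps(spec["trust_policy"], separators=(",", ":"))
        cmds.append(
            f"aws iam create-role --role-name {role} "
            f"--assume-role-policy-document {shlex.quote(doc)}"
        )
        for arn in spec["managed_policy_arns"]:
            cmds.append(f"aws iam attach-role-policy --role-name {role} --policy-arn {arn}")
    return cmds


if __name__ == "__main__":
    plan = onboarding_plan("123456789012")          # constructed account id
    print("\n".join(cli_commands(plan)))
```

Two things to check before running the generated commands. First, the trust policy names the provider in the same account as the role, so the IdP metadata has to be registered in every account that is on-boarded; a role whose provider ARN points elsewhere is never assumable. Second, the table hands out broad FullAccess managed policies, so the review step is where a team decides whether, for example, Database-Admins really need Redshift as well as RDS in a given account. Two-factor authentication (slide 34) sits at the IdP in this design: the role's trust policy only sees the assertion, so the second factor has to be enforced before the assertion is issued.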
  • 38. Benefits
       - Standardized authentication
       - Improved security
       - Convenient user experience
       - Flexible
       - Scalable to 100s+ accounts
  • 40. Next Steps
       - IAM Keys Vending Machine
         - Access/Secret Key self service portal
         - Temporary, expires in 24 hours
  • 41. Documentation Resources
       - Using Identity Providers: http://goo.gl/qf7NpN
       - Using SAML Providers: http://goo.gl/cBMswu
       - IAM Federated User Access: http://goo.gl/5nIMt9
  • 43. Autodesk is a registered trademark of Autodesk, Inc., and/or its subsidiaries and/or affiliates in the USA and/or other countries. All other brand names, product names, or trademarks belong to their respective holders. Autodesk reserves the right to alter product and services offerings, and specifications and pricing at any time without notice, and is not responsible for typographical or graphical errors that may appear in this document. © 2015 Autodesk. All rights reserved.