[AWS] AWS WAF (Web Application Firewall)

WAF (Web Application Firewall) is a firewall service to protect web applications from common web exploit attacks such as SQL injection or Cross-Site Scripting. You can setup the rules to filter out malicious traffic.

Continue reading “[AWS] AWS WAF (Web Application Firewall)”

[AWS] IDF, Cognito, and SSO

IDF (Identity Federation) is an architecture where the identities of an external identity provider (IDP) are recognized.

Types of IDF

  • Cross-account roles: A remote account is allowed to assume a role and access your account’s resources,
  • SAML 2.0 IDF: It allows users of SAMAL compatible system such as Active Directory (AD) to log in to the AWS services.
  • Web Identity Federation: External web-based IDPs (Google, Facebook) are allowed to assume roles.
Continue reading “[AWS] IDF, Cognito, and SSO”