WAF (Web Application Firewall) is a firewall service to protect web applications from common web exploit attacks such as SQL injection or Cross-Site Scripting. You can setup the rules to filter out malicious traffic.
Continue reading “[AWS] AWS WAF (Web Application Firewall)”[AWS] Key Management Service (KMS)
Key Management Service (KMS) is a regional secure key management service (FIPS 140-2 level 2 validated) that provides encryption and decryption. KMS is integrated with most of other AWS services.
Continue reading “[AWS] Key Management Service (KMS)”[AWS] Connecting VPCs
There are a couple of ways to connect instances and services in one VPC with other VPCs. – VPC Peering, Open VPC to the Internet, or AWS PrivateLink.
Continue reading “[AWS] Connecting VPCs”[AWS] AWS Directory Service
AWS Directory Service is a managed service that connects AWS resources with Microsoft Active Directory (AD) or Lightweight Directory Access Protocol (LDAP)-aware applications.
- Existing cooperate credentials are used to access AWS resources using Single Sign-On (SSO).
[AWS] IDF, Cognito, and SSO
IDF (Identity Federation) is an architecture where the identities of an external identity provider (IDP) are recognized.
Continue reading “[AWS] IDF, Cognito, and SSO”[AWS] DataSync
DataSync is an online data transfer service that automates transferring large amounts of data to and from AWS storage services over the internet or AWS Direct Connect (DX) in a simple way.
Continue reading “[AWS] DataSync”[AWS] AWS Organizations
AWS Organizations is a centralized global management service of AWS accounts (up to 20) and billings.
- All accounts within an AWS Organization can consolidate bills into a single account.
- A paying account should be used for billing purposes only.
- Economy of scale – by using more, you can save more. (Volume pricing discount)
[AWS] Policies
IAM policy is a JSON document that defines permissions for users and resources. To uniquely identify AWS resources, Amazon Resource Names (ARNs) are used.
Continue reading “[AWS] Policies”
Scriptorium 