Profile picture
, 10 tweets, 5 min read
My Authors
Read all threads
@AWSIdentity just supercharged🔌attribute-based access control (ABAC) by adding session tags😱. This is a powerful capability and here are all the reasons why (1/9) aws.amazon.com/blogs/aws/new-…
@AWSIdentity Session tags enable you to pass attributes from your IdP to role sessions. This means your identity no longer goes “poof”🌬️when you federate into AWS (2/9)
@AWSIdentity You can use session tags for access control and they act just like principal tags. This means your identity provider becomes the source of truth for access control in AWS (3/9)
@AWSIdentity We launched with 7 partners to make this feature available from your IdP including @pingidentity, @okta , @auth0, @OneLogin, @RSAsecurity, @IBM, and @ForgeRock (4/9)
@AWSIdentity Session tags are logged in CloudTrail during assume role making is easier for you to track, monitor, and audit who did each action when multiple humans assume a single role (5/9)
@AWSIdentity You can require specific session tag keys and values using trust policies to consistently rely on attributes for access control (6/9)
@AWSIdentity You can pass session tags from one role assumption to another (role-chaining). This helps you track the end to end path a user takes (7/9)
@AWSIdentity Session tags work for all assume role scenarios. This is one feature where I can’t wait to hear👂how customer use this capability in their workflows💻(8/9)
@AWSIdentity I will be talking about session tags and doing a demonstration during my #reinvent Access Control Confidence talk at re:Invent as will Sulay and Quint (9/9)
@AWSIdentity Happy #preinvent AWS! 🥂
Missing some Tweet in this thread? You can try to force a refresh.

Enjoying this thread?

Keep Current with Brigid Johnson

Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Related hashtags

#reinvent #preinvent

Related threads

Profile picture
Helen
@helenanders26
(1/28)

It’s time for a thread, an #AWS thread, to make sure you know your CloudFront from CloudTrail, and Athena from Aurora … with a little help from the #devcommunity

👇
(2/28)

A is for Alarm

If you are new to #AWS and are using the free tier you may want to add a #CloudWatch Billing Alarm to make sure you don't run into any unexpected charges.

Learn more about CloudWatch with @kylegalbraith

dev.to/kylegalbraith/…
@kylegalbraith (3/28)

B is for Bucket

#AWS #S3 buckets store objects, similar to files and folders on your local machine.

Learn more about S3 with @DavidOjedaL

dev.to/david_ojeda/aw…
Read 28 tweets
Profile picture
Eric Hammond
@esh
I don't assign required reading very often, but it's time for another.

If you are responsible for any AWS account(s), set aside 45 minutes and watch this recent AWS #reInforce presentation by @bjohnso5y about Attribute-Based Access Control (ABAC).

And if you are a presenter who needs to teach me technical concepts, please watch this video.

To understand the new concept, I need more than just terms, definitions, and flow diagrams.

Show me code.

Walk me slowly through the code, with serious emphasis on the important bits.
The demo is a bonus that puts it all together.

Now, I not only understand the new technical concept, but I also have a chance of going out and using it in practice.

Thank you, @bjohnso5y!

I've added you to my (short) list of presenters I can't miss at AWS #reInvent.
Read 3 tweets
Profile picture
Abby Fuller
@abbyfuller
🎉 Boom! 🎉

New and exciting for #aws #ECS: ECS now supports running clusters of GPU-based instances (p2 and p3 instance types)

🔢 Set # of GPUs in your task and ECS will schedule and pin physical GPUs to the correct containers 💃🏻

➡️ Full post here: docs.aws.amazon.com/AmazonECS/late…
i've moved the issue over to shipped on the public roadmap: github.com/aws/containers…

happy building, or in this case, maybe training? 😂
🗒️ if you're looking for an actual "what's new" post (instead of the documentation i accidentally linked to) here ya go: aws.amazon.com/about-aws/what…
Read 3 tweets
Profile picture
Simon Wardley #EEA
@swardley
AWS Firecracker ... "powering multiple high-volume AWS services including AWS Lambda" ...

Repeat after me, the future of containers are invisible subsystems, the future of containers are invisible subsystems ...

aws.amazon.com/blogs/aws/fire…
X : What do you think of AWS Firecracker?
Me : It's a shibboleth. One faction of people will go "just use Lambda". Another faction will go "Yeah, let's build our own Lambda. Pass the tequila and the big bucket of money" before later going "My head hurts, lets just use Lambda"
... it's unfortunate that some corporates think cool is drunk and broke on their own home brewed kool-aid. But at least AWS gives them every opportunity of a less harmful path i.e. make a mess in the data centre, decide to use the public version, finally give up and go Lambda.
Read 5 tweets
Profile picture
IoT Safari
@iotsafari
1\n #Amazon has done much more for building and deploying #IoT devices in a secure and robust manner than any other ecosystem organization. Their focus? Help build and deploy more connected devices. If you are building connected devices, this summary report is for you:
2\n Both their arms #Alexa and #AWS offer solutions at both the ends: the device (h/w and s/w dev kits) and the cloud. So how does it help you, the device maker? Let's find out. Every tweet below is an Amazon solution. Let's start with Alexa first.
3\n Control via #Alexa 1: If you've built a cloud connected device, use the Alexa SmartHome Skill to link it to Alexa. Then users can asks Alexa to ctrl your device, which goes to Alexa cloud, then to your skill, then your cloud and finally to your device. developer.amazon.com/docs/smarthome…
Read 15 tweets
Profile picture
Connor Ratliff
@connorratliff
45 Days Of @ElvisCostello: a twitter megathread in anticipation of the Oct 12 release date of LOOK NOW, the new LP by Elvis Costello & The Imposters

This is either a bright idea or a brilliant mistake, but this is only, this is only, this is only the beginning...
I did something similar to this 5 years ago, in anticipation of EC & @theroots' Wise Up Ghost LP, on tumblr.

(You can still find all those posts if you look, although a lot of the YouTube links etc are now dead ends. It was 40 Days Of EC then, so for 2018 I'm upping it to 45.)
Mostly I will be going chronologically from the early years right up to the present, but it feels right to start out with Costello's 2002 song, "45."

Music Video directed by @jessebdylan


(There's an alternate "diner" version I can't find anywhere online)
Read 2378 tweets

Trending hashtags

#investigation #tcot #Mob #yourewelcome #automotive #Watson #SIGINT #MQTT #jhope #Amazon #MicroTargeting #Editor #Facebook #RecordStoreDay #StorageGateway #ThePatriotTimes #SES #DeleteFacebook #S3 #HowToEvangelical #Hintze #Rosenstein #NothingIsRandom #RecliamYourData #NemblaForever
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!