AWS Identity Round Table (Amazon Web Services)
From IIW
Wednesday 2H
Convener: Bob Kinney
Notes-taker(s):
Tags for the session - technology discussed/ideas considered:
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
We discussed the various product teams represented:
- Login with Amazon (LWA) - http://login.amazon.com
  - Use Amazon as an Identity Provider
  - Integrates with Amazon Payments for “Login and Pay”
- AWS Identity and Access Management (IAM) - http://aws.amazon.com/iam/
  - Create and define policies for what resources are accessible for users
  - Secure Token Service
    - Create temporary credentials for accessing other AWS services
- Amazon Cognito - http://aws.amazon.com/cognito/
  - Mobile identity + data sync
  - Users can transition from “guest” to authenticated users
  - Multiple authentication methods supported
- AWS Directory Service - http://aws.amazon.com/directoryservice/
  - Managed Active Directory (AD) in the cloud, based on Samba 4
  - Can link to on-premises AD
  - Federated access to other AWS services (WorkDocs, WorkSpaces)
There was a spirited discussion on Amazon’s (not AWS’s) lack of MFA or second-factor authentication. This is on the roadmap, but no timetable can be committed to at this time.
We also discussed various other channels for information exchange:
- AWS Summits - http://aws.amazon.com/summits/
  - Free to the public, locations worldwide
- AWS Pop-up Loft - http://aws.amazon.com/start-ups/loft/
  - Loft area for startups
  - “Ask the experts”
  - Workshops with engineers and solutions architects
- AWS re:Invent - http://reinvent.awsevents.com/
  - Yearly user conference in Las Vegas
  - Previous years’ talks on YouTube - https://www.youtube.com/user/AmazonWebServices/Cloud