AWS Identity Round Table (Amazon Web Services)

From IIW


Wednesday 2H

Convener: Bob Kinney

Notes-taker(s):

Tags for the session - technology discussed/ideas considered:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

We discussed the various product teams represented:

  • Login with Amazon (LWA) - http://login.amazon.com
    • Use Amazon as an Identity Provider
    • Integrates with Amazon Payments for “Login and Pay”
  • AWS Identity and Access Management (IAM) - http://aws.amazon.com/iam/
    • Create and define policies for what resources are accessible for users
  • Secure Token Service
    • Create temporary credentials for accessing other AWS services
    • Mobile identity + data sync
    • Users can transition from “guest” to authenticated users
    • Multiple authentication methods supported
  • AWS Directory Service - http://aws.amazon.com/directoryservice/
    • Managed Active Directory (AD) in the cloud, based on Samba 4
    • Can link to on-premises AD
    • Federated access to other AWS services (WorkDocs, WorkSpaces)

There was a spirited discussion on Amazon’s (not AWS’s) lack of MFA or second-factor authentication. This is on the roadmap, but no timetable can be committed to at this time.

We also discussed various other channels for information exchange: