As AWS experts, we often get asked how different technologies can work with AWS. Most recently we had a customer ask us how to use Azure Active Directory (AD) to manage user authentication to access the AWS console. While we don’t often discuss hybrid cloud technologies in this blog, we thought we’d share with you how we configured Azure AD to manage access to the AWS console.

A misconfigured data bucket in AWS Simple Storage Service (S3) led to a Republican contractor’s database of nearly every voter being left exposed on the Internet for 12 days, according to CRN. This news presents an unfortunate reminder of why good AWS security hygiene is important to designing, building and managing AWS environments. In this spirit, we’d like to explore two basic AWS best practices that when built-in can help stave off extreme events like this.
Jul 7, 2017 11:31:00 AM Flux7 Labs AWS Config/Rules, AWS IAM, AWS Tips and Tricks, Amazon S3, Configuration Management, Security Identity and Compliance
Read More »
We recently worked with a Fortune 500 manufacturer of heavy equipment that is focused on quality, productivity, and effectively connecting its customers with data-driven insights via technology. As an international, publicly traded organization, it is also careful about managing security, risk and compliance. So, when this manufacturer asked if we could set up an audit and notification system, we were happy to roll up our sleeves and begin work. (You can read here the full case study of this Fortune 100 customer.)

One of the approaches our AWS Consultants consistently take is Security by Design. By building security in from the beginning--rather than as an afterthought--security rules, processes and controls are inherent to the system. We like to think of it as a race car with the roll cage built into the frame vs. a race car built and the roll cage added afterward. Truthfully, which car would you feel safer helming?
Feb 17, 2017 1:42:33 PM Flux7 Labs Security Identity and Compliance, AWS IAM, Amazon EC2
Read More »
We have been working closely with a customer who is undergoing a business transformation. As a multimedia equipment manufacturer, the organization has a loyal following of its high quality devices. However, like many companies facing the convergence of markets and new customer demands, the company has embarked on a metamorphosis. Traditionally very focused on hardware, their software was largely ignored even though it offered customers real value. Part of the company’s transformation was a move to treat their software like a full-fledged offering, rather than a free supplement. An upcoming product release marked the first (and biggest steps), in cementing this change in company direction.
Feb 14, 2017 10:30:00 AM Flux7 Labs Migration, Ansible, Data, Security Identity and Compliance, AWS Accounts, AWS IAM, Amazon VPC
Read More »
In addition to the announced AWS CloudFormation YAML support, AWS also announced cross-stack references for CloudFormation. (For Flux7 commentary on YAML support, please see our blog post earlier this week here.) As our AWS experts work daily with CloudFormation, we were very interested in this news and couldn’t wait to roll up our sleeves and take a look for ourselves.
Sep 29, 2016 10:15:00 AM Flux7 Labs Management Tools and Processes, AWS Services Reviews, AWS CloudFormation, AWS Service Catalog, Amazon RDS, Amazon EC2, AWS ELB, AWS IAM
Read More »
As AWS experts we work closely with organizations who handle a wide variety of sensitive information – from patient health records to credit card data and more. Resultantly, we are always on the look-out for technology and best practice-based improvements to ensuring cloud-based security. With more and more of our clients looking to embrace a microservices architecture, cloud security and compliance naturally didn’t stop being a focus which is why we are happy at the news from AWS today that they’ve addressed how to help secure container-enabled applications with IAM Roles for ECS tasks.
Jul 15, 2016 9:00:00 AM Flux7 Labs Healthcare and Life Sciences, Developer Tools and Processes, Security Identity and Compliance, Compute, HashiCorp, AWS ECS, AWS IAM, Amazon S3
Read More »