Increase Security in your AWS Environment
This technology center provides detailed guidance to help you increase the security of your AWS environment across the AWS management platform, the EC2 instances that you create in that environment, and the applications that you host on those instances. The net benefits are:
Here are the main topics covered in this TechCenter:
Secure AWS Service Management
Secure your AWS Accounts
Centrify enables you to vault the password for your AWS root accounts and enforce MFA for break-glass access.
- Learn how to secure your AWS Accounts by vaulting the AWS root account password, establishing role-based access controls, and requiring MFA before shared account usage from the Centrify portal.
- Learn how to use ServiceNow to request access to your AWS root account:
Federated Access for AWS Management
Centrify extends your existing privileged access security solution by federating access from your existing directory service (Active Directory, LDAP, Centrify Cloud or Google G Suite Directory) to the AWS Management Console and API interfaces. This enables you to seamlessly control access to roles within AWS IAM and enforce least privilege across AWS services.
- Learn how to set up federation for Active Directory login and role-based privileges within AWS IAM.
Privileged Access for EC2 Instances
Centrify extends enterprise authentication to EC2 instances by brokering identities from your existing directory (AD, LDAP, cloud or Google) to centralize authentication while enforcing least privilege policies for your EC2 instances – controlling who can log in, adding multi-factor authentication, granting privileges based on role and auditing all privileged access activity.
- Learn how to automate the integration of Linux instances into Active Directory via Chef and OpsWorks to control user login and privileges.
- Learn how to set up and use Centrify Privilege Service to manage shared accounts,
- Learn how to set up and use Centrify Identity Broker for Linux
- Learn how to set up MFA for Windows EC2 instance login
- Learn how to secure privileged access to AWS RDS for SQL Server
- Learn how to use CloudWatch to monitor Centrify AuditTrail data
Enterprise Access for Hosted Apps
Centrify extends enterprise identities to hosted applications with federated authentication for employees, business partners and customers. This solution also enforces MFA and Smart Card authentication to satisfy stringent security requirements and prove compliance where required. Additionally, it can minimize the attack surface by securing remote access to applications running on EC2 instances without a VPN.
- Learn how to integrate SAML into your C#, Ruby on Rails, Python, Java or PHP-based applications using the right
Automating AWS EC2 Instance Creation and Management
Centrify Server Suite and Privilege Service are used to secure privileged access to resources. DevOps has become the dominant solution for software management and configuration in hybrid clouds. Here are some resources available for you to leverage these frameworks in AWS:
Centrify Server Suite (CentrifyDC) and Privilege Service (CentrifyCC) clients