AWS ABCs: Granting A Third-Party Access to Your Account

There can be times when you’re working on the AWS Cloud where you need to grant limited access to your account to a third-party. For example:

A contractor or a specialist needs to perform some work on your behalf
You’re having AWS Professional Services or a partner from the Amazon Partner Network do some work in your account
You’re conducting a pilot with AWS and you want your friendly neighborhood Solutions Architect to review something

In each of these cases you likely want to grant the permissions the third-party needs but no more. In other words, no granting of AdministratorAccess policies because it’s easy and just works. Instead, adherence to the principle of least privilege.

This post will describe two methods–IAM users and IAM roles–for proving limited access to third-parties.

Comparing the Two Approaches

The big difference with the IAM user approach vs the role-based approach is the way the credentials for each entity are handed out.

IAM users have long-term credentials that only change by a manual action (either the user or an administrator changes the credentials). Those credentials will continue to provide access to the account until they’re either changed or the user is disabled/deleted.

By contrast, roles Continue reading

Dell Joins AT&T to Further Develop Airship, Metal3-io, Ironic

Dell Technologies has joined with AT&T to collaborate on a number of open source technologies that the companies say will contribute to edge computing and 5G deployments, namely the Metal3-io (for Kubernetes) and Ryan Van Wyk, AT&T assistant vice president of network cloud software engineering at AT&T, in an interview with The New Stack. “The net effect is we’re helping to accelerate the deployment of open infrastructure that supports [software defined network] workloads. We see it as a flywheel effect in terms of making it easier for folks to deploy infrastructure and that makes it easier for them to grow their SDN ecosystem,” said Van Wyk. “Dell’s going to bring some focus to an area that’s core to their competency. When it comes to working on how to manage the RAID, the discs, the servers, the BIOS configurations, and validation of the hardware itself, and then integrate some of that stuff natively back into the Kubernetes Cluster API, those are things that are Continue reading

The First Networking Fundamentals Videos are Online

In mid-June I started another pet project - a series of webinars focused on networking fundamentals. In the first live session on June 18th we focused on identifying the challenges one has to solve when building an end-to-end networking solution, and the role of layered approach to networking.

Not surprisingly, we quickly went down the rabbit holes of computer networking history, including SCSI cables, serial connections and modems… but that’s where it all started, and some of the concepts developed at that time are still used today… oftentimes heavily morphed by recursive application of RFC 1925 Rule 11.

The View From On High On How To Beat Moore’s Law

The rapid changes underway in modern datacenters and HPC environment are demanding more compute power from a tech industry that is running into significant barriers to supplying that capacity. …

The View From On High On How To Beat Moore’s Law was written by Jeffrey Burt at .

When private 4G LTE is better than Wi-Fi

While cellular wireless is often thought of as a carrier service, IT organizations can benefit from deploying private 4G LTE technology to complement or even replace Wi-Fi and for specific use cases such as supporting IoT devices that generate large data sets and that are spread out over large areas.To read this article in full, please click here(Insider Story)

When private LTE is better than Wi-Fi

While cellular wireless is often thought of as a carrier service, IT organizations can benefit from deploying private LTE technology to complement or even replace Wi-Fi and for specific use cases such as supporting IoT devices that generate large data sets and that are spread out over large areas.To read this article in full, please click here(Insider Story)

VMworld 2019: Sneak Peak at Our Keynote Sessions. Plus a Chance to Win!

Networking & Security Keynotes at VMworld 2019

About a month ago, we published a VMworld security guide with shortlisted 100 to 300 level sessions that best illustrate real-world application of our products. This time, we’ll be focusing on two networking and security keynotes. The first keynote will highlight how VMware’s single-stack, complete networking and security platform can achieve a consistent operational network fabric for hybrid cloud environments, and the second keynote will focus on how users can leverage existing VMware infrastructure to implement a more effective, intrinsic security.

In addition, you will have a shot at winning Bose headphones simply by attending each event. Although chances are slim (1250 times harder to win both as opposed to just one), duplicate winners will be acknowledged so if you are looking for a present for yourself and a significant other, make sure to register and save on your yearly bonus! Winners will be announced at the end of each keynote, so make sure to stay until the end!

Showcase Keynote: Networking and Security for the Cloud Era [NETS3413KU]

There has never been a more exciting and challenging time in the networking space. As the cloud, application developers, IoT, Continue reading

AWS ABCs: Granting A Third-Party Access to Your Account

There can be times when you're working on the AWS Cloud where you need to grant limited access to your account to a third-party. For example:

A contractor or a specialist needs to perform some work on your behalf
You're having AWS Professional Services or a partner from the Amazon Partner Network do some work in your account
You're conducting a pilot with AWS and you want your friendly neighborhood Solutions Architect to review something

In each of these cases you likely want to grant the permissions the third-party needs but no more. In other words, no granting of AdministratorAccess policies because it's easy and just works. Instead, adherence to the principle of least privilege.

This post will describe two methods—IAM users and IAM roles—for proving limited access to third-parties.

Live Preview: Build and Test Workers Faster with Wrangler CLI 1.2.0

As part of my internship on the Workers Developer Experience team, I set out to polish the Wrangler CLI for Cloudflare Workers. If you're not familiar with Workers, the premise is quite simple: Write a bit of Javascript that takes in an HTTP request, does some processing, and spits out a response. The magic lies in where your Workers scripts run: on Cloudflare's edge network, which spans 193 cities in more than 90 countries. Workers can be used for nearly anything from configuring Cloudflare caching behavior to building entire serverless web applications. And, you don't have to worry about operations at all.

I was excited to focus on Wrangler, because Wrangler aims to make developing and publishing Workers projects a pleasant experience for everyone, whether you're a solo dev working on the next big thing, or an engineer at a Fortune 100 enterprise. The whole point of serverless is about reducing friction, and Wrangler reflects that ethos.

However, when I started at Cloudflare in early June, some parts of the development experience still needed some love. While working on a new WASM tutorial for the Workers documentation, I noticed a storm brewing in my browser…

Wrangler lets you test your Continue reading

Network Break 248: VMware Acquires Veriflow; Xirrus Changes Hands

Ned Bellavance drops in as guest co-host while Drew takes time off to make craft virtual donuts with an artisan baker in a remote mountain village. Ned and Greg analyze VMware's latest acquisition, discuss why Xirrus has changed hands, explore a new low-cost switch, opine on CloudFlare's forthcoming IPO, and more.

Network Break 248: VMware Acquires Veriflow; Xirrus Changes Hands

The post Network Break 248: VMware Acquires Veriflow; Xirrus Changes Hands appeared first on Packet Pushers.

Adtran Launches CAF Managed Test Service, New Switches

The service is an extension of the company's CAF testing offering announced in February.

© SDxCentral, LLC. Use of this feed is limited to personal, non-commercial use and is governed by SDxCentral's Terms of Use (https://www.sdxcentral.com/legal/terms-of-service/). Publishing this feed for public or commercial use and/or misrepresentation by a third party is prohibited.

Microsoft Buys jClarity to Jolt Java Support in Azure

The jClarity team has been a contributor to the AdoptOpenJDK project that helps users build...

Read More »

U.S. Delays Huawei Ban Another 90 Days

Huawei earned itself another narrow and temporary reprieve from a blanket ban against doing...

Read More »

Cisco and F5 Networks Discuss the Value of Tech Partnerships

SDxCentral spoke with Cisco and F5 Networks about their companies’ complementary approaches and...

Read More »

The Week in Internet News: White House Proposes Social Media Monitoring

We’re watching you: A leaked proposal from U.S. President Donald Trump’s administration would put the Federal Communications Commission in charge of regulating how social media platforms and other websites decide what appears on their pages, CNN reports. Critics said the proposal amounts to censorship.

We’re watching you, part 2: In other U.S. government news, the Trump administration has asked a court to reauthorized a suspended National Security Agency surveillance program, targeting the telephone records of U.S. residents, the New York Times reports. The Trump administration wants to make the controversial phone records collection program permanent.

Not just the U.S. government: The Indian government wants Twitter to block what it deems is fake news by suspending eight Kashmir-based accounts for allegedly spreading rumors, India Today reports. Indian security forces have alleged that groups in Pakistan have attempted to divide the security forces in Jammu and Kashmir, areas controlled by India but claimed by Pakistan.

Even more watching: Technicians from Chinese networking vendor Huawei have reportedly helped government officials in Uganda and Zambia spy on political opponents, TechCrunch reports. News reports have Huawei technicians helping the officials spy on the use of apps like WhatsApp and Skype and Continue reading

Migrating ipSpace.net Infrastructure to AWS

I’m too stupid to unwind and relax over summer - there’s always some janitorial task to be done, and I simply cannot leave it alone. This summer, I decided to migrate our server infrastructure to AWS.

TL&DR: It went smoother than I expected, and figuring out how AWS virtual networks, public IP addresses, and security groups work while creating AWS Networking webinar definitely helped, but it also took way longer than I expected.

Robust learning from untrusted sources

Robust learning from untrusted sources Konstantinov & Lampert, ICML’19

Welcome back to a new term of The Morning Paper! Just before the break we were looking at selected papers from ICML’19, including “Data Shapley.” I’m going to pick things up pretty much where we left off with a few more ICML papers…

Data Shapley provides us with one way of finding and correcting or eliminating low-value (and potentially harmful) data points from a training set. In today’s paper choice, Konstantinov & Lampert provide a way of assessing the value of datasets as a whole. The idea is that you might be learning e.g. a classifier by combining data from multiple sources. By assigning a value (weighting) to each of those data sources we can intelligently combine them to get the best possible performance out of the resulting trained model. So if you need more data in order to improve the performance of your model, ‘Robust learning from untrusted sources’ provides an approach that lets you tap into additional, potentially noisier, sources.

It’s similar in spirit to Snorkel which we looked at last year, and is designed to let you incorporate data from multiple ‘weakly supervised’ (i.e. noisy) Continue reading

The Future Of Networks Depends On Hyperscalers And Big Clouds

If you want for the rapid pace of innovation in datacenter networking to continue, then you had better hope that the hyperscalers and major public cloud builders don’t run out of money. …

The Future Of Networks Depends On Hyperscalers And Big Clouds was written by Timothy Prickett Morgan at .

The Future of Tech: New Products On The Market

Technology is continuing to grow by leaps and bounds with artificial intelligence (AI) and smart technologies are leading the way. As technology grows so does the number of new inventions both large and small. Here is a look at some of the new products hitting the market in 2019 and 2020, some of which are still under development in Kickstarter campaigns and others that are already available for purchase online.

5 New Tech-Savvy Products

OraSaifu: This new computerized smart wallet allows you keep all credit cards, membership cards, and cryptocurrency all in one place and accessible with just a swipe of your finger. You can use OraSaifu directly to pay for purchases and it will even unlock your door for you.

InstaDreamer: InstaDreamer is a vibrating bracelet that vibrates while you are sleeping, which will put you into a lucid dream allowing you to dream of visiting exotic places, meet your favorite celebrities in a dream, and experience fantasies while getting a good night’s sleep. This bracelet will even analyze your sleep cycles for you, so you know when you get the best sleep.

Sonic Beer: For those individuals who love the foam head on their beer, Continue reading

« Previous 1 … 1,196 1,197 1,198 1,199 1,200 … 3,868 Next »