Azure Feeds’ Post

Hello LinkedIn community, Looking to enhance the security of your AWS app integration? Check out this comprehensive blog post providing valuable insights into strengthening security when using two-way trusts between your self-managed Microsoft Active Directory and your AWS Managed Microsoft AD for accessing AWS applications. The post covers practical information on configuring selective authentication, least privilege permissions, and more to bolster your Active Directory environment. Read the full blog post here: https://ift.tt/IP9HWmK #AWSDirectoryService #ActiveDirectory #AWSManagedMicrosoftAD #SecurityEnhancement #AWSIntegration #SelectiveAuthentication #LeastPrivilegePermissions

Web Identity Federation (AssumeRoleWithWebIdentity) is used to provide temporary access to your AWS resources. You can let users sign in using a well know identity provider such as Amazon, Facebook, or any OIDC 2.0 compatible provider. In my opinion, this is the best way to securely access your AWS resources especially when dealing with Web Portal or Mobile Applications. Want to understand this? Want to apply this setup in your application? Email me at [email protected].

🔐 Amazon Cognito now offers email authentication as a flexible and secure option for User Pools, alongside SMS and TOTP-based MFA. This update provides more customization for secure login flows, making it easier to balance user experience with security requirements. #AWS #AmazonCognito #CloudSecurity #MFA #IAM #awscommunity

Azure User-Assigned Managed Identity is very convenient. It allows you to define a a single managed identity instance that can be used for multiple resources. I see that this is used very poorly by Azure users for their apps. i.e. They assign very broad scoped managed identities to resources that don't need that level of access. Remember - this is equally bad (if not worse) than using broad scope user access assignment.

Did the EU force Microsoft to let third parties like CrowdStrike run riot in the Windows kernel as a result of a 2009 undertaking? This is the implication being peddled by the Redmond-based cloud and software titan. As the tech industry deals with the fallout from the CrowdStrike incident, Microsoft is facing questions. Why is software like CrowdStrike permitted to run at such a low level, where a failure could spell disaster for the operating system? #microsoft #crowdstrike #kernel

If ever you needed a reason to automate your app and OS updates, to ensure a fast, predictive and error free update, this might be it. https://t.ly/ga5b7 Rimo3 cloud automation platform for app and OS life cycle management has your back. Try it for free. www.rimo3.com #rimo3 #appsmanagement #W10EOL #automation

In Case You Missed It! The finger pointing has begun. Did the EU force Microsoft to let third parties like CrowdStrike run riot in the Windows kernel as a result of a 2009 undertaking? This is the implication being peddled by the Redmond-based cloud and software titan. As the tech industry deals with the fallout from the CrowdStrike incident, Microsoft is facing questions. Why is software like CrowdStrike permitted to run at such a low level, where a failure could spell disaster for the operating system? To be clear, Microsoft is not to blame for the now-pulled update that continues to cause chaos. However, the underlying architecture that allows third parties to run deeply integrated software merits closer examination. https://lnkd.in/gM6CGJNK

Microsoft Entra External Identities is a new platform with capabilities such as accepting and external Identity Provider (IP) and SSO. At the moment Azure AD B2C is still supported, with no plans to change this from Microsoft... at the moment. If you want to be ahead of the identity game... have a look and explore... #Microsoft #identity

Hey #Azure fans, have you heard the news? The #AppGateway team just announced a new public preview feature that will blow your mind! 🤯 It's called TLS/TCP proxy, and it allows you to use a single Application Gateway for both Layer 7 (HTTP/S) and Layer 4 (TCP and TLS) protocols. That means you can now use App Gateway for non-HTTP applications based on protocols like SQL, MQTT, and more. How cool is that, #SoftipNinjas? 😎 This feature opens up a whole new world of possibilities for App Gateway users, such as: • Simplifying your network architecture by reducing the number of load balancers you need • Improving your security posture by terminating TLS connections at the edge • Enhancing your performance and scalability by leveraging App Gateway's autoscaling and zone redundancy capabilities • Saving money by optimizing your resource utilization and reducing operational overhead If you're interested in trying out this feature, head over to the link below and follow the instructions. Don't miss this opportunity to take your App Gateway experience to the next level! 🔥 https://lnkd.in/eFgWqrRF "SOFTIP approved news"

The reference architecture presents a scenario in which access to Azure Web Apps is safeguarded by a suite of Microsoft Services. These services guarantee secure operations and compliance, circumventing the need for traditional perimeter-based security methods like intranets or VPNs for client connections #Azure App services #Zero trust Azure platform # Azure App Service – access flow