Category: Advanced (300)

SoftwareOne has a proven record of successful implementations of centralized inspection with AWS Transit Gateway and site-to-site VPN attachments for our customers. Vendor-provided firewalls remain an option, and the focus of this post is their integration with Gateway Load Balancer. Explore the decisions SoftwareOne took while migrating from centralized north-south inspection with Transit Gateway VPN attachments to centralized inspection with GWLB in front of the Palo Alto VM-Series Firewalls.

Customers using cloud resources on AWS can safeguard sensitive IT systems and data by complying with the industry-recognized CIS AWS Foundations Benchmark, among other best practices defined by AWS security experts. This post explains how to get visibility of your cloud security posture when building secure multi-account, multi-region AWS deployments. Kyndryl is an IT infrastructure services provider that designs, builds, manages, and modernizes the information systems the world depends on every day.

Learn how to support a multi-region, business-critical legacy monolithic application with customer-owned static public IPv4 addresses running on VMware Cloud on AWS. You can do this whilst using the AWS Cloud to deliver the Bring Your Own Public IPv4 Address (BYOIP) function with Amazon VPC, Network Load Balancer, Elastic IP address, Amazon Route 53, and VMware Transit Connect. VMware Cloud on AWS is an integrated hybrid cloud offering jointly developed by AWS and VMware.

Most financial institutions are at different stages of their cloud journey. Many are challenged with delivering new and enhanced services, providing services faster, and driving operational efficiencies while facing increasingly competitive markets. Learn how Avaloq has laid a good foundation to help businesses ease the journey of testing and integrating new solutions by managing the complexities across various phases utilizing Avaloq’s sandbox solution powered by AWS.

Utilities need a solution to manage devices on the field, whether they are for the management of gas, water, electricity, waste, or other. IBM has developed BEAM IoT to address these needs with a solution that, in addition to offering modules and functionalities specific to each segment, has been designed to be open and modular. It can be quickly extended to new business use cases, new regulatory requests, new types of IoT devices, and new data analysis requirements.

As serverless architectures start to grow, finding the right troubleshooting approach becomes a business-critical aspect. In this post, dive into the “instrumentation approach” and how to keep track of internal events within an AWS Lambda function, and how to export processed telemetry data. Lumigo shares a practical guide on how to use AWS Lambda Extensions and follow a storyline of extracting internal events from Lambda functions, processing them, and sending telemetry data to external services.

Open Finance initiatives have been gaining momentum across the world. These initiatives require that banks provide access to customer data through a common, open API for third-party applications, which are referred to as fintech apps. Learn how to build and deploy a basic fintech app on AWS in under an hour by using the Plaid Link API. This app allows users to sign up, log in, select their bank from a list, connect to that bank, and display the latest transactions.

Learn about a multi-regional first-line of support solution Chaos Gears put together using a serverless application running AWS Lambda under the baton of AWS Step Functions to relieve a customer’s engineers from some of their operational burdens. The approach described in this post can be adapted to serve other needs or cover different cases, as AWS Step Functions’ visual workflows allow for a quick translation of business requirements to technical ones.

AWS CloudHSM enables you to generate and use your own encryption keys on AWS. The standard service for managing keys for signing would usually be AWS KMS, but due to legacy requirements from the customer side the team at BJSS needed to support both SHA256 and SHA1. Learn how BJSS successfully signed some data with a key from AWS CloudHSM using Python, and walk through the setup of an AWS CloudHSM cluster for testing using a sample application.

AWS customers running on-premises workloads that leverage Amazon S3 previously needed to set up proxies running on Amazon EC2 to access S3 gateway endpoints. With AWS PrivateLink for Amazon S3, you can provision interface VPC endpoints (interface endpoints) in your virtual private cloud. These endpoints are directly accessible from applications that are on-premises over VPN and AWS Direct Connect, or in a different AWS region over VPC peering.