Book Image

Simplifying Hybrid Cloud Adoption with AWS

By : Frankie Costa Negro
Book Image

Simplifying Hybrid Cloud Adoption with AWS

By: Frankie Costa Negro

Overview of this book

The hybrid edge specialty is often misunderstood because it began with an on-premises-focused view encompassing everything not running inside the traditional data center. If you too have workloads that need to live on premises and need a solution to bridge the gap between both worlds, this book will show you how AWS Outposts allows workloads to leverage the benefits of the cloud running on top of AWS technology. In this book, you’ll learn what the Edge space is, the capabilities to look for when selecting a solution to operate in this realm, and how AWS Outposts delivers. The use cases for Outposts are thoroughly explained and the physical characteristics are detailed alongside the service logical constructs and facility requirements. You’ll gain a comprehensive understanding of the sales process—from order placement to rack delivery to your location. As you advance, you’ll explore how AWS Outposts works in real life with step-by-step examples using AWS CLI and AWS Console before concluding your journey with an extensive overview of security and business continuity for maximizing the value delivered by the product. By the end of this book, you’ll be able to create compelling hybrid architectures, solve complex use cases for hybrid scenarios, and get ready for your way forward with the help of expert guidance.
Table of Contents (14 chapters)
1
Part 1: Understanding AWS Outposts – What It Is, Its Components, and How It Works
5
Part 2: Security, Monitoring, and Maintenance
9
Part 3: Maintenance, Architecture References, and Additional Information

IAM in Outposts

Outposts uses the same services, components, and features available in the AWS cloud. It is a fundamental principle for the engineering of the product to develop Outposts as a native component of AWS infrastructure, integrating as seamlessly as if it were located inside an AWS Region.

The implementation of IAM mechanisms on Outposts leverages AWS IAM service as the building block to provide authentication and authorization. The same principles and concepts apply:

  • IAM resources: Users, groups, roles, policies, and identity providers. These are the types of objects stored in IAM.
  • IAM entities: Users and roles. You can use these elements to perform authentication. Users include federated users authenticated by other directories and roles assumed by other AWS accounts. The all-powerful entity is the root user, created when an AWS account is provisioned. These credentials should be secured and audited.
  • IAM identities: Users, groups, and roles. You can...