Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Managing Identities at Scale in the Cloud

Sébastien Stormacq - AWS Developer Advocate
September 17, 2019
Technology
1
90

Managing Identities at Scale in the Cloud

Managing identities and authorisations is a core requirement for all apps. Modern applications are required to securely manage hundreds of thousands or millions of identities.

In this talk, you will learn how you can leverage fully managed, serverless services in the cloud to securely manage your user pools. During this talk, we will address common challenges of identity management and identity federation and show how cloud-based solutions can simplify and secure your applications.

Sébastien Stormacq - AWS Developer Advocate

September 17, 2019
Tweet

More Decks by Sébastien Stormacq - AWS Developer Advocate

See All by Sébastien Stormacq - AWS Developer Advocate
Offline storage & automatic data synchronization for your web and mobile applications
sebsto
0
97
Getting Started on AWS
sebsto
0
200
OAuth Démystifié
sebsto
0
150
Deployment pipelines for your iOS / tvOS apps with Amazon EC2 Mac Instances
sebsto
0
1.8k
Server Side Serverless in Swift
sebsto
0
70
Resiliency and Availability Design Patterns for the Cloud
sebsto
1
210
Amazon TimeStream 101
sebsto
0
41
Build conversational interfaces for your customers
sebsto
0
71
Amplify your web and mobile apps development. Full stack, cloud-powered.
sebsto
0
130

Other Decks in Technology

See All in Technology
OCI Vault 概要
oracle4engineer
PRO
0
9.7k
Exadata Database Service on Dedicated Infrastructure(ExaDB-D) UI スクリーン・キャプチャ集
oracle4engineer
PRO
2
3.2k
Python(PYNQ)がテーマのAMD主催のFPGAコンテストに参加してきた
iotengineer22
0
540
初心者向けAWS Securityの勉強会mini Security-JAWSを9ヶ月ぐらい実施してきての近況
cmusudakeisuke
0
140
Lambda10周年!Lambdaは何をもたらしたか
smt7174
2
130
生成AIが変えるデータ分析の全体像
ishikawa_satoru
0
180
テストコード品質を高めるためにMutation Testingライブラリ・Strykerを実戦導入してみた話
ysknsid25
7
2.7k
Mastering Quickfix
daisuzu
1
250
100 名超が参加した日経グループ横断の競技型 AWS 学習イベント「Nikkei Group AWS GameDay」の紹介/mediajaws202411
nikkei_engineer_recruiting
1
170
B2B SaaSから見た最近のC#/.NETの進化
sansantech
PRO
0
950
Why App Signing Matters for Your Android Apps - Android Bangkok Conference 2024
akexorcist
0
130
DynamoDB でスロットリングが発生したとき/when_throttling_occurs_in_dynamodb_short
emiki
0
270

Featured

See All Featured
Rebuilding a faster, lazier Slack
samanthasiow
79
8.7k
Designing the Hi-DPI Web
ddemaree
280
34k
Done Done
chrislema
181
16k
A designer walks into a library…
pauljervisheath
204
24k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
229
52k
Optimizing for Happiness
mojombo
376
70k
YesSQL, Process and Tooling at Scale
rocio
169
14k
[RailsConf 2023] Rails as a piece of cake
palkan
52
4.9k
Product Roadmaps are Hard
iamctodd
PRO
49
11k
Happy Clients
brianwarren
98
6.7k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
8
900
Why You Should Never Use an ORM
jnunemaker
PRO
54
9.1k

Transcript

  1. Identity Management at scale in the ☁ Sébastien Stormacq |

    @sebsto Technical Evangelist, AWS EMEA

  2. Congrats ! Your app launched

  3. None

  4. userid firstname lastmail email password sebsto Sébastien Stormacq [email protected] FA34BD7543E…

    natalia Natalia Arbelaez [email protected] AA6FC2984AB…

  5. From 50 to 50.000.000 users

  6. http://blog.interactiveschools.com/blog/50-million-users-how-long-does-it-take-tech-to-reach-this-milestone

  7. What possibly can go wrong ? +,

  8. None
  9. None
  10. None
  11. None

  12. [email protected]

  13. None
  14. None

  15. Developers build features

  16. Amazon Cognito Managing Identities at Scale in the cloud AWS

    credentials and access control Customizable, hosted UI, or SDK Managed user directory Sign in with existing identities (federation) OpenID Connect and OAuth 2.0 Based

  17. Amazon Cognito – Use Cases Business to Business Enterprise Directory

    Enterprise Directory SAML IoT Scenarios AWS IoT Business to Consumer Business to Employee Enterprise Directory SAML
  18. None
  19. None
  20. None

  21. Identity Federation

  22. Identity Federation The user pool manages the overhead of handling

    the tokens that are returned from social sign-in through Facebook, Google, and Amazon, and from OpenID Connect (OIDC) and SAML IdPs. 1 Amazon Cognito user pool Authenticate Federating IdP Redirect/ post back 2 3 CUP token Idp token

  23. Access to Resources User pool authenticates users and returns standard

    tokens Amazon Cognito user pool (CUP) tokens are used to access your custom APIs Identity pool provides role-based AWS credentials to access AWS services 1 Amazon Cognito user pool Authenticate Federating IdP Redirect/ post back 2 Amazon DynamoDB Amazon S3 6 5 Amazon Cognito identity pool Get AWS credentials CUP token 4 API GW Access serverless backend Lambda CUP token 3 CUP token Idp token

  24. GE Healthcare : Health Cloud Provide radiologists and other healthcare

    professionals with a single portal to access enterprise imaging applications to view, process, and easily share images and patient cases. Every day, healthcare data flows through millions of medical devices. Close to 1 petabyte of medical imaging data is stored on Amazon S3. “Using Amazon Cognito, our customers can continue to use their existing credentials and still access our health cloud apps.” Amazon S3 User Federation Amazon Cognito user pools

  25. What are you going to change today? ✅ Managed Service

    in the cloud ✅ Build your own IDP ✅ Federate Identities ✅ Store PII Data

  26. Thank you Sébastien Stormacq | @sebsto Technical Evangelist, AWS EMEA

    Leave your feedback