DailySysAdmin | For all things IT!
A resource for Sys Admins & IT Pros
Problem:
I needed to allow a 3rd party access to only two domains within Route 53 and nothing else within our AWS account.
The aim of this post is to configure policies in AWS so that accounts provisioned for users with specific permissions can register for MFA themselves. The authenticator we will be using is the Microsoft iOS app, but it could also be Google or any other authenticator.
Continue reading “Add Microsoft Authenticator MFA to AWS Accounts”
This is a quick guide to the steps needed to connect to an Azure AD instance for management via PowerShell.
The main driver for this post was a project I had started to migrate all of our applications that were using Okta as an Identity Source to Azure Active Directory. An Identity Source is an authentication mechanism that you can use instead of the defaults that the application provides. If you also use Office 365, you probably use Azure AD for Single Sign On (SSO) already. This can be extended to other applications such as Salesforce, not just Office 365.
The reasons for this were mainly financial, as we had already paid for Office 365 E3 + EMS licences. We therefore had the identity services built in already, so it didn’t make sense to continue to pay Okta for the same service. I will go through setting up a number of applications in Azure AD, including: AWS Console, BlueJeans, Concur, Dynatrace, Litmos, EmPerform, PeopleHR, Salesforce and Secret Server. All applications use SAML, and we will go through the configuration for each individual application below.
Problem:
Your AWS load balancer certificate is about to expire, and you need to supply a new one to it and to the RDP gateway and session host servers.
Continue reading “Certificate Renewal For AWS Loadbalancer and Remote Desktop Servers”
This post covers how to set up AWS SES and verify your domain so that you can send emails from your own domain using SES.